-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: Enable key search in all secrets across engines in instance #8627
Comments
Thanks for opening this request! It's very similar to #1973, but since it discusses typing behavior, I view it as more the UI side of that request, not a dupe. Please do see the linked issue for additional discussion of this feature. Thanks again! |
From my understanding, I believe we need both to accomplish my proposal. Definitely UI related 👍 Thanks for triaging this so quickly. |
@gsilvapt For 1.14 we have implemented something along these lines in the UI. You can now filter the Secret Engines list by engine type or by name. See PR here that has a demo. However, we do not individually check the items in the list for permissions. We use the internal ui endpoint |
The original poster was asking about a search functionality that would search the data stored inside KV secrets engines - not just the names of secret engines themselves, though. |
@maxb Thank you for calling that out. Re-reading, I can see the difference. For now—at least, we're limited to what information is returned to us on the |
this would be a great feature to implement if possible, once in a while want to grab something quick or on the go and having a search in the UI would be ideal. |
At this point I'd settle for being able to search just paths in KV. That would be helpful enough. And as for resource usage, I wonder if the search couldn't be run on the replicas. I'd say that everyone running Vault in production has multiple running (doing nothing but redirecting and replicating if I'm correct) and when they don't, it's probably small enough to be able to run on the master. |
Is your feature request related to a problem? Please describe.
If we have multiple engines with different sets of permissions, it would be great to search for secret's keys. That way, by typing the name of a key, everything related should come up and I can get into that secret instead of trial and error that in all engines. But, it is crucial it still respect's the user's view permissions.
Describe the solution you'd like
Enable key search in all secrets across engines in an instance.
Describe alternatives you've considered
I have to open all engines and all secrets to check whether or not is that the one I want. Or ask where it is located.
Explain any additional use-cases
Additional context
--
The text was updated successfully, but these errors were encountered: