HashiCorp Vault

HashiCorp Vault provides a best-in-class solution for managing secrets and protecting sensitive data. Sym enables protecting specific path prefixes in Vault with a sym:approval workflow.

This section is for Sym Implementers!

If your Vault Integration has not yet been set up, please point your Integrator to Setup Vault.

Demo

Example Usage

# Use the Vault Strategy for escalation
resource "sym_strategy" "this" {
  type = "vault"

  integration_id = data.sym_integration.vault.id
  targets = [
    sym_target.breakglass.id
  ]
}

# Expose the breakglass path in Vault as a Target
resource "sym_target" "breakglass" {
  type  = "vault"
  label = "Breakglass"

  settings = {
    path     = "aws/creds/breakglass-role"
    group_id = "73c2684a-87e9-4f18-82dc-cf542b3f3540"
  }
}

What’s Next
Did this page help you?