I'm using spring-cloud-vault
to retrieve the versioned kv
from the vault server. When I'm using the environemnt.getSecret("key1")
then it returns only the latest versions of key for example world2
. Is there any way to retrieve the old versions of secrets by specifying the version number for a given key using spring-cloud-vault
library?
#vault kv put secret/my-app key1=world1
Key Value
--- -----
created_time 2018-09-20T12:00:19.6136263Z
deletion_time n/a
destroyed false
version 1
#vault kv put secret/my-app key1=world2
Key Value
--- -----
created_time 2018-09-20T12:00:27.1820524Z
deletion_time n/a
destroyed false
version 2
Thanks for your help.
Spring Cloud Vault supports as of release 2.0 the versioned Key-Value API (key-value backend v2). There are two differences to the non-versioned Key-Value API (key-value backend v1):
With Spring Cloud Vault, only the first aspect, differences in the API, were considered (see the related GitHub ticket for further details).
Spring Cloud Vault does not use the versioning aspect (i.e. reading an older secret version) but rather reads the latest secret version. I filed a ticket for using Vault's versioning features with configuration properties/the
Environment
. That ticket should be a good place to start a discussion about how such an integration could look like and how it could make the most sense.