Skip to content

Use Vault-Wizard

Rafay workload wizard users can also configure their workloads to dynamically retrieve secrets from the Vault server configured for the underlying Kubernetes cluster. These secrets are made available to the containers as part of their "Startup Configuration" and can either be:

  • Environment variables OR
  • Files

In keeping with the design philosophy behind the workload wizard, the integration with HashiCorp's Vault is an intuitive and click-to-configure experience. A typical developer can configure their workloads to leverage Vault in just a few clicks.


ENV Variables from Vault

  • Navigate to the Container Configuration for the Wizard based workload
  • Select Startup Configuration and "Add"
  • Select "Environment Variable" for Type
  • Enable the "Secure" Toggle and select "Vault" for Secret Type
  • Provide "name" of the Environment variable, Vault Reference and Vault Role

Vault in Workload Wizard


Files from Vault

  • Navigate to the Container Configuration for the Wizard based workload
  • Select Startup Configuration and "Add"
  • Select "File" for Type
  • Enable the "Secure" Toggle and select "Vault" for Secret Type
  • Provide "File Name", "Vault Reference" and "Mount Point" where this file will be made available to the container

Vault in Workload Wizard