Add built-in support for HashiCorp Vault in Aspire CommunityToolkit #701
Labels
awaiting response
Waiting for the author of the issue to provide more information or answer a question
enhancement
New feature or request
good first issue
Good for newcomers
help wanted
Extra attention is needed
integration
A new .NET Aspire integration
Comments
aaronpowell
added
enhancement
10 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Related to an existing integration?
Yes
Existing integration
ParameterResource / Environment configuration
Overview
HashiCorp Vault is a widely-used tool for managing secrets, access tokens, encryption keys, and dynamic credentials.
Currently, Aspire supports environment-bound parameters (
AddParameter(...)) and secrets via user-defined env vars, but lacks native support for a centralized secret store.Adding a Vault integration would enable secure and flexible secret management for distributed apps using Aspire, supporting development and production parity.
Usage example
builder.AddVault("vault")
.WithToken("s.vault-token") // or link to secret parameter
.WithSecret("database-password", out var dbPassword);
builder.AddPostgres("db")
.WithPassword(dbPassword);
Breaking change?
No
Alternatives
Currently, developers have to run Vault externally and manually inject secrets as environment variables into Aspire projects. This results in duplication, potential leaks, and lack of shared secret orchestration within the Aspire application model.
Additional context
Vault supports secret engines like KV, dynamic DB credentials, PKI, and more. It would be a powerful addition to Aspire's growing ecosystem of observability and configuration tools.
Docker image:
hashicorp/vault:1.15Website: https://www.vaultproject.io/
Help us help you
Yes, but only if others can assist
The text was updated successfully, but these errors were encountered: