backport of commit 2b74a4826b (#22953)

Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
hc-github-team-secure-vault-core
2023-09-08 19:33:21 -04:00
committed by GitHub
parent 7a71782c33
commit fc3fb91a40
5 changed files with 126 additions and 8 deletions

@@ -27,11 +27,11 @@ has a number of parameters to further configure a connection.
- `connection_url` `(string: <required>)` - Specifies the PostgreSQL DSN. This field
can be templated and supports passing the username and password
parameters in the following format `{{field_name}}`. Certificate authentication
can be used by setting `?sslmode=` to be any of the applicable values as outlined in
can be used by setting `?sslmode=` to be any of the applicable values as outlined in
the [Postgres SQL documentation](https://www.postgresql.org/docs/11/libpq-ssl.html#LIBPQ-SSL-PROTECTION)
and giving the SSL credentials in the `sslrootcert`, `sslcert` and `sslkey` credentials.
A templated connection URL is required when using root credential rotation. This field
supports both format string types, URI and keyword/value. Both formats support multiple
and giving the SSL credentials in the `sslrootcert`, `sslcert` and `sslkey` credentials.
A templated connection URL is required when using root credential rotation. This field
supports both format string types, URI and keyword/value. Both formats support multiple
host connection strings.
Due to how `pgx` works, parameters such as `sslrootcert`, `sslcert`, `sslkey` are treated as paths
on the Vault server.
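
Review bot: In the `connection_url` description, "giving the SSL credentials in the `sslrootcert`, `sslcert` and `sslkey` credentials" uses "credentials" for both the material and the settings; since these lines are being touched anyway (the repeated lines here appear to differ only in whitespace), the second occurrence should read "parameters", which also matches the wording of the `pgx` sentence that follows. The link labelled "Postgres SQL documentation" is pinned to the version 11 docs and could be spelled "PostgreSQL documentation". Because the closing sentence says these three values are treated as paths on the Vault server, it would help to state in the same place that the files must exist on the server and be readable by the Vault process, so operators do not try to pass certificate contents inline.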
@@ -51,6 +51,13 @@ has a number of parameters to further configure a connection.
- `password` `(string: "")` - The root credential password used in the connection URL.
- `auth_type` `(string: "")` - If set to `gcp_iam`, will enable IAM authentication to a Google
CloudSQL instance. For more information on authenticating to CloudSQL via IAM, please refer to
Google's official documentation [here.](https://cloud.google.com/sql/docs/postgres/authentication).
- `service_account_json` `(string: "")` - JSON encoded credentials for a GCP Service Account to use
for IAM authentication. Requires `auth_type` to be `gcp_iam`.
- `username_template` `(string)` - [Template](/vault/docs/concepts/username-templating) describing how
dynamic usernames are generated.
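
Review bot: The new `service_account_json` entry documents a field that carries service account credentials, but neither it nor `auth_type` says how the value is treated once written: the docs should state whether it is returned when the connection configuration is read, and how it interacts with the `password` field and with the `{{field_name}}` templating in `connection_url` when `auth_type` is `gcp_iam`. The `auth_type` entry should also say what the default empty string means and whether `gcp_iam` is the only accepted value. Minor: the link text `[here.](...)` already contains a period and is followed by a second one, leaving "here.." in the rendered page; a descriptive label such as "Google's CloudSQL IAM authentication documentation" would read better than "here".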