Update/clarify docs on generic backend ttl.

Ping #2697
This commit is contained in:
Jeff Mitchell 2017-05-09 09:56:09 -04:00
parent 8a83389542
commit 7068292252
2 changed files with 11 additions and 2 deletions

View file

@ -51,6 +51,12 @@ $ curl \
} }
``` ```
_Note_: the `lease_duration` field (which on the CLI shows as
`refresh_interval`) is advisory. No lease is created. This is a way for writers
to indicate how often a given value shold be re-read by the client. See the
[Vault Generic backend documentation](/docs/secrets/generic/index.html) for
more details.
## List Secrets ## List Secrets
This endpoint returns a list of key names at the specified location. Folders are This endpoint returns a list of key names at the specified location. Folders are
@ -114,8 +120,9 @@ policy granting the `update` capability.
- `:key` `(string: "")`  Specifies a key, paired with an associated value, to - `:key` `(string: "")`  Specifies a key, paired with an associated value, to
be held at the given location. Multiple key/value pairs can be specified, and be held at the given location. Multiple key/value pairs can be specified, and
all will be returned on a read operation. A key called `ttl` will trigger some all will be returned on a read operation. A key called `ttl` will trigger
special behavior; see above for details. some special behavior; see the [Vault Generic backend
documentation](/docs/secrets/generic/index.html) for details.
### Sample Payload ### Sample Payload

View file

@ -42,6 +42,8 @@ normal `lease_duration`. However, the given value will also still be returned
exactly as specified, so you are free to use that key in any way that you like exactly as specified, so you are free to use that key in any way that you like
if it fits your input data. if it fits your input data.
The backend _never_ removes data on its own; the `ttl` key is merely advisory.
As an example, we can write a new key "foo" to the generic backend mounted at As an example, we can write a new key "foo" to the generic backend mounted at
"secret/" by default: "secret/" by default: