Skip to main content

Mounts

A mount refers to the process of enabling and configuring a secrets engine within Vault. A secrets engine is a module responsible for generating, managing, and accessing secrets securely.

When a secrets engine is mounted in Vault, it becomes available for use by clients and applications. Mounting a secrets engine involves associating a unique path in Vault's hierarchical key-value store with the engine, making its functionality accessible through that path.

Once a secrets engine is successfully mounted, clients can interact with it through API calls or Vault's CLI. They can read, write, and manage secrets within the designated path, subject to the permissions and policies defined for the authenticated user or client.

Mounting secrets engines in Vault allows for centralized secrets management, ensuring that sensitive data is securely stored and accessed. It provides a flexible and scalable solution for managing different types of secrets and integrates seamlessly with various systems and platforms.

Terraform Example


resource "vault_mount" "mount" {
path = "demo"
type = "kv-v2"
description = "Secret Mount"
}