HashiTalks 2025 Learn about unique use cases, homelab setups, and best practices at scale at our 24-hour virtual knowledge sharing event. Register
HashiCorp Cloud Platform
HashiCorp Cloud Platform Home

Twilio automatic secret rotation

Plus tier

This feature is available in HCP Vault Secrets Plus tier.

Twilio provides a programmatic way for developers to integrate with their services such as SMS, voice, auth, and video in their application using an API key.

HCP Vault Secrets can automatically rotate Twilio API keys.

Prerequisites

  • HCP Vault Secrets standard or plus tier
  • Project level HCP service principal with a service principal key and the HCP viewer role or higher.
  • Environment variables set for the HCP organization ID, project ID, application name, secret name, service principal client ID, and service principal client secret.
  • Access to the Twilio account SID.
  • A Twilio API Key crated in your Twilio Console with the key type set to Main. (Refer to the Twilio API key documentation).

Create a rotating secret

  1. Navigate to an application you would like to add a rotated secret to.

  2. Click Create new secret and select Auto-rotating secret. Create new rotating secret

  3. Enter a unique name for the auto-rotating secret in the Name field.

  4. Select the desired provider from the Provider pulldown menu.

  5. Click + Add new next to the Connection pulldown menu and enter the following: Setup new Twilio Integration

    • Connection Name: Provide a unique name for the connection.
    • Twilio account SID: Enter the account SID found from the Twilio Console.
    • API Key SID: The SID for the Twilio API key.
    • API Key Secret: The Twilio API Key Secret.

  6. Click Save to return to the new secret form.

  7. Click the Rotation frequency pulldown menu and select the desired rotation frequency from the 3 options available - 30 days, 60 days, and 90 days.

  8. Click Save.

    The setup is complete and your first rotating secret has been created.

Delete a Twilio rotation integration

  1. Generate an OAuth token to authenticate with the HCP API.

  2. Delete an existing Twilio rotation integration.

    $ curl \
    --location "https://api.cloud.hashicorp.com/secrets/2023-11-28/organizations/${HCP_ORG_ID}/projects/${HCP_PROJ_ID}/integrations/rotation/twilio/${INTEGRATION_NAME}" \
    --request DELETE \
    --header "Authorization: Bearer ${HCP_API_TOKEN}" | jq

Additional resources