HashiCorp Cloud Platform
Constraints and limitations
Here are some known issues and limitations working with HCP Vault Secrets today.
Secret name constraints
Secret names must conform to the following rules:
- Must be between 1 and 64 characters
- Must start with ASCII letter or '_' and then only contain ASCII letters, digits, or '_'.
Secret value size
The current character limit for the secret value is 5120 characters per secret
GitHub sync integration limitations
- You can only create new GitHub sync integrations from HCP Vault Secrets, and you cannot trigger them from the GitHub marketplace.
Vercel sync limitations
- You can only create new Vercel Sync Integrations from HCP Vault Secrets, and you cannot trigger them from the Vercel marketplace.
- You can only sync secrets from a single HCP Project to Vercel.
- You can only sync secrets to a single Vercel Account.
Deleting sync integrations
The sync construct is composed of two parts: the optional installation, which holds the authentication details to be reused, and the integration, which contains the sync configuration fields, and may optionally depend on the installation. Deleting sync integrations can be done via the UI or API. Deleting an installation can only be done via the API.
Unintended disconnection of sync integrations from app in API
There is a known bug with the raw API where a PATCH request to edit an App's
Description without also passing the sync_integrations
field will result in
all sync integrations being disconnected from the Application. To get around
this, edit your App's Description in the UI or CLI, or pass your App's existing
integrations in as part of your PATCH request body even though you aren't
changing them.
If you accidentally disconnect your App's integrations this way, you can attach them again with a second PATCH request, as the integrations were not deleted, just disconnected.
Audit log for integrations
Currently, HCP Vault Secrets only shows the Force Sync event on the audit logs. Other events related to integrations won't show up on audit logs.