• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Vault
  • Install
  • Tutorials
  • Documentation
  • API
  • Integrations
  • Try Cloud(opens in new tab)
  • Sign up
Vault Home

Documentation

Skip to main content
  • Documentation
  • What is Vault?
  • Use Cases

  • Browser Support
  • Installing Vault
    • Overview
    • replication
    • sentinel
      • Overview
      • Aerospike
      • Alicloud OSS
      • Azure
      • Cassandra
      • CockroachDB
      • Consul
      • CouchDB
      • DynamoDB
      • Etcd
      • Filesystem
      • FoundationDB
      • Google Cloud Spanner
      • Google Cloud Storage
      • In-Memory
      • Manta
      • MSSQL
      • MySQL
      • OCI Object Storage
      • PostgreSQL
      • Integrated Storage (Raft)
      • S3
      • Swift
      • Zookeeper
    • telemetry
    • ui
    • Log Completed Requests
    • Entropy Augmentation
      ENTENT
    • kms_library
      ENTENT

  • Vault Integration Program
  • Vault Interoperability Matrix
  • Troubleshoot






  • Glossary


  • Resources

  • Tutorial Library
  • Certifications
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  1. Developer
  2. Vault
  3. Documentation
  4. Configuration
  5. storage
  6. CockroachDB
  • Vault
  • v1.11.x
  • v1.10.x
  • v1.9.x
  • v1.8.x
  • v1.7.x
  • v1.6.x
  • v1.5.x
  • v1.4.x

»CockroachDB Storage Backend

The CockroachDB storage backend is used to persist Vault's data in a CockroachDB server or cluster.

  • High Availability – the CockroachDB storage backend supports high availability.

  • Community Supported – the CockroachDB storage backend is supported by the community. While it has undergone development and review by HashiCorp employees, they may not be as knowledgeable about the technology.

storage "cockroachdb" {
  connection_url = "postgres://user123:secret123!@localhost:5432/vault"
}

Note - CockroachDB is compatible with the PostgreSQL database driver and uses that driver to interact with the database.

cockroachdb Parameters

  • connection_url (string: <required>) – Specifies the connection string to use to authenticate and connect to CockroachDB. A full list of supported parameters can be found in the pgx library and PostgreSQL connection string documentation. For example connection string URLs, see the examples section below.

  • table (string: "vault_kv_store") – Specifies the name of the table in which to write Vault data. If this table does not exist Vault will attempt to create it.

  • max_parallel (string: "128") – Specifies the maximum number of concurrent requests to CockroachDB.

  • ha_enabled (string: "true|false") - Default not enabled.

  • ha_table (string: "vault_ha_locks") - Specifies the name of the table to use for storing high availability information.

cockroachdb Examples

This example shows connecting to a CockroachDB cluster using full SSL verification (recommended) and high availability enabled.

storage "cockroachdb" {
  connection_url = "postgres://user:pass@localhost:26257/database?sslmode=verify-full"
  ha_enabled     = "true"
}

To disable SSL verification (not recommended), replace verify-full with disable:

storage "cockroachdb" {
  connection_url = "postgres://user:pass@localhost:26257/database?sslmode=disable"
  ha_enabled     = "true"
}
Edit this page on GitHub

On this page

  1. CockroachDB Storage Backend
  2. cockroachdb Parameters
  3. cockroachdb Examples
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)