Default version /secret kv engine?

[Sai Pranav Ravichandran]

By default, Vault enables a secrets engine called kv at the path secret/ but which version?
Latest vault docker gives a v2 for kv at /secret

Latest vault binary gives a v1 for kv at /secret

also there is no documentation on which version of kv is /secret initialized

[Chris Hoffman]

All -dev servers automatically mount kv v2 by default but new initialized servers mount kv v1.  This is mainly a transition step so not to break existing scripts that are initializing real servers but begin to introduce the new default for future servers.  Additionally, many users don’t rely on the automatically mounted mounts and either unmount it or ignore it when starting a new server.  In the future, we may remove the automatically mounted backends or change the mechanism for how it happens.

Chris  

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/345d270b-3433-4859-a45c-c4a08dbd034f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Sai Pranav Ravichandran]

Thanks Chris, it would be great if we can update this in docs too

[fr...@mode.net]

This is documented.

https://www.vaultproject.io/docs/secrets/kv/kv-v2.html

when running a dev-mode server, the v2 kv secrets engine is enabled by default at the path secret/ (for non-dev servers, it is currently v1)

[Sai Pranav Ravichandran]

Oops, I should have read that before asking here. Thanks for the support.