github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-06 22:23:53 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat(docs): enhance Ansible and Python SDK documentation for dynamic secrets

Browse Source
This commit is contained in:
Victor Santos
2025-12-21 16:39:21 -03:00
parent bded8a4b66
commit 2156bf7603
3 changed files with 569 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

333
docs/integrations/platforms/ansible.mdx
View File

@@ -5,10 +5,8 @@ description: "Learn how to use Infisical for secret management in Ansible."
You can find the Infisical Ansible collection on [Ansible Galaxy](https://galaxy.ansible.com/ui/repo/published/infisical/vault/).
This Ansible Infisical collection includes a variety of Ansible content to help automate the management of Infisical services. This collection is maintained by the Infisical team.
## Ansible version compatibility
Tested with the Ansible Core >= 2.12.0 versions, and the current development version of Ansible. Ansible Core versions prior to 2.12.0 have not been tested.
@@ -20,33 +18,65 @@ Requires Python 3.7 or greater.
## Installing this collection
You can install the Infisical collection with the Ansible Galaxy CLI:
```bash
$ ansible-galaxy collection install infisical.vault
```bash
ansible-galaxy collection install infisical.vault
```
The python module dependencies are not installed by ansible-galaxy. They can be manually installed using pip:
```bash
$ pip install infisicalsdk
pip install infisicalsdk
```
## Using this collection
You can either call modules by their Fully Qualified Collection Name (FQCN), such as `infisical.vault.read_secrets`, or you can call modules by their short name if you list the `infisical.vault` collection in the playbook's collections keyword:
You can either call modules by their Fully Qualified Collection Name (FQCN), such as `infisical.vault.read_secrets`, or you can call modules by their short name if you list the `infisical.vault` collection in the playbook's collections keyword.
### Authentication
## Authentication
The Infisical Ansible Collection supports [Universal Auth](/documentation/platform/identities/universal-auth), [OIDC Auth](/documentation/platform/identities/oidc-auth/general), and [Token Auth](/documentation/platform/identities/token-auth) for authenticating against Infisical.
### Login Module (Recommended)
The recommended approach is to use the `login` module to authenticate once and reuse the credentials across multiple tasks. This reduces authentication overhead and makes playbooks cleaner. Alternatively, you can still pass credentials directly to each plugin/module if preferred.
```yaml
- name: Login to Infisical
infisical.vault.login:
url: "https://app.infisical.com"
auth_method: universal_auth
universal_auth_client_id: "{{ client_id }}"
universal_auth_client_secret: "{{ client_secret }}"
register: infisical_login
- name: Read secrets using cached login
infisical.vault.read_secrets:
login_data: "{{ infisical_login.login_data }}"
project_id: "{{ project_id }}"
env_slug: "dev"
path: "/"
as_dict: true
register: secrets
- name: Use the secrets
debug:
msg: "Database URL is {{ secrets.secrets.DATABASE_URL }}"
```
<AccordionGroup>
<Accordion title="Universal Auth">
Using Universal Auth for authentication is the most straight-forward way to get started with using the Ansible collection.
Using Universal Auth for authentication is the most straight-forward way to get started with using the Ansible collection.
To use Universal Auth, you need to provide the Client ID and Client Secret of your Infisical Machine Identity.
```yaml
lookup('infisical.vault.read_secrets', auth_method="universal-auth", universal_auth_client_id='<client-id>', universal_auth_client_secret='<client-secret>' ...rest)
- name: Login with Universal Auth
infisical.vault.login:
url: "https://app.infisical.com"
auth_method: universal_auth
universal_auth_client_id: "<client-id>"
universal_auth_client_secret: "<client-secret>"
register: infisical_login
```
You can also provide the `auth_method`, `universal_auth_client_id`, and `universal_auth_client_secret` parameters through environment variables:
@@ -66,8 +96,15 @@ The Infisical Ansible Collection supports [Universal Auth](/documentation/platfo
</Note>
```yaml
lookup('infisical.vault.read_secrets', auth_method="oidc-auth", identity_id='<identity-id>', jwt='<oidc-jwt>' ...rest)
- name: Login with OIDC Auth
infisical.vault.login:
url: "https://app.infisical.com"
auth_method: oidc_auth
identity_id: "<identity-id>"
jwt: "<oidc-jwt>"
register: infisical_login
```
You can also provide the `auth_method`, `identity_id`, and `jwt` parameters through environment variables:
| Parameter Name | Environment Variable Name |
@@ -86,7 +123,12 @@ The Infisical Ansible Collection supports [Universal Auth](/documentation/platfo
</Note>
```yaml
lookup('infisical.vault.read_secrets', auth_method="token_auth", token='<your-token>' ...rest)
- name: Login with Token Auth
infisical.vault.login:
url: "https://app.infisical.com"
auth_method: token_auth
token: "<your-token>"
register: infisical_login
```
You can also provide the `auth_method` and `token` parameters through environment variables:
@@ -99,25 +141,278 @@ The Infisical Ansible Collection supports [Universal Auth](/documentation/platfo
</Accordion>
</AccordionGroup>
### Examples
## Available Plugins and Modules
### Lookup Plugins
- `infisical.vault.login` - Authenticate and return reusable login data
- `infisical.vault.read_secrets` - Read secrets from Infisical
### Modules
**Authentication:**
- `infisical.vault.login` - Authenticate and return reusable login data
**Static Secrets:**
- `infisical.vault.read_secrets` - Read secrets from Infisical
- `infisical.vault.create_secret` - Create a new secret
- `infisical.vault.update_secret` - Update an existing secret
- `infisical.vault.delete_secret` - Delete a secret
**Dynamic Secrets:**
- `infisical.vault.create_dynamic_secret` - Create a dynamic secret configuration
- `infisical.vault.get_dynamic_secret` - Get a dynamic secret by name
- `infisical.vault.update_dynamic_secret` - Update a dynamic secret
- `infisical.vault.delete_dynamic_secret` - Delete a dynamic secret
**Dynamic Secret Leases:**
- `infisical.vault.create_dynamic_secret_lease` - Create a lease (generates credentials)
- `infisical.vault.get_dynamic_secret_lease` - Get lease details
- `infisical.vault.renew_dynamic_secret_lease` - Renew an existing lease
- `infisical.vault.delete_dynamic_secret_lease` - Delete/revoke a lease
## Examples
### Reading Secrets
```yaml
---
- name: Read secrets from Infisical
hosts: localhost
gather_facts: false
tasks:
- name: Login to Infisical
infisical.vault.login:
url: "https://app.infisical.com"
auth_method: universal_auth
universal_auth_client_id: "{{ lookup('env', 'INFISICAL_CLIENT_ID') }}"
universal_auth_client_secret: "{{ lookup('env', 'INFISICAL_CLIENT_SECRET') }}"
register: infisical_login
- name: Read all secrets as dictionary
infisical.vault.read_secrets:
login_data: "{{ infisical_login.login_data }}"
project_id: "your-project-id"
env_slug: "dev"
path: "/"
as_dict: true
register: secrets
- name: Use the secrets
debug:
msg: "Database: {{ secrets.secrets.DATABASE_URL }}"
```
#### Reading secrets with full metadata
Use the `raw` option to retrieve complete secret metadata including version, creation time, tags, and more:
```yaml
- name: Read all secrets with full metadata
infisical.vault.read_secrets:
login_data: "{{ infisical_login.login_data }}"
project_id: "your-project-id"
env_slug: "dev"
path: "/"
raw: true
register: raw_secrets
# Returns: [{"id": "...", "secretKey": "HOST", "secretValue": "google.com", "version": 1, "type": "shared", ...}, ...]
- name: Read all secrets with full metadata as dict
infisical.vault.read_secrets:
login_data: "{{ infisical_login.login_data }}"
project_id: "your-project-id"
env_slug: "dev"
path: "/"
raw: true
as_dict: true
register: raw_secrets_dict
# Returns: {"HOST": {"id": "...", "secretKey": "HOST", "secretValue": "google.com", "version": 1, ...}, ...}
```
#### Using the Lookup Plugin
The `read_secrets` lookup plugin allows for inline secret retrieval. Unlike modules that run on target hosts, lookup plugins run on the Ansible controller during playbook parsing. This is useful for retrieving secrets to use in variable definitions:
```yaml
vars:
read_all_secrets_within_scope: "{{ lookup('infisical.vault.read_secrets', universal_auth_client_id='<>', universal_auth_client_secret='<>', project_id='<>', path='/', env_slug='dev', url='https://spotify.infisical.com') }}"
read_all_secrets_within_scope: "{{ lookup('infisical.vault.read_secrets', universal_auth_client_id='<>', universal_auth_client_secret='<>', project_id='<>', path='/', env_slug='dev', url='https://app.infisical.com') }}"
# [{ "key": "HOST", "value": "google.com" }, { "key": "SMTP", "value": "gmail.smtp.edu" }]
read_all_secrets_as_dict: "{{ lookup('infisical.vault.read_secrets', as_dict=True, universal_auth_client_id='<>', universal_auth_client_secret='<>', project_id='<>', path='/', env_slug='dev', url='https://spotify.infisical.com') }}"
read_all_secrets_as_dict: "{{ lookup('infisical.vault.read_secrets', as_dict=True, universal_auth_client_id='<>', universal_auth_client_secret='<>', project_id='<>', path='/', env_slug='dev', url='https://app.infisical.com') }}"
# { "SECRET_KEY_1": "secret-value-1", "SECRET_KEY_2": "secret-value-2" } -> Can be accessed as secrets.SECRET_KEY_1
read_secret_by_name_within_scope: "{{ lookup('infisical.vault.read_secrets', universal_auth_client_id='<>', universal_auth_client_secret='<>', project_id='<>', path='/', env_slug='dev', secret_name='HOST', url='https://spotify.infisical.com') }}"
read_secret_by_name_within_scope: "{{ lookup('infisical.vault.read_secrets', universal_auth_client_id='<>', universal_auth_client_secret='<>', project_id='<>', path='/', env_slug='dev', secret_name='HOST', url='https://app.infisical.com') }}"
# { "key": "HOST", "value": "google.com" }
```
### Managing Secrets (CRUD)
## Troubleshoot
Create, update, and delete secrets programmatically:
```yaml
- name: Create a secret
infisical.vault.create_secret:
login_data: "{{ infisical_login.login_data }}"
project_id: "{{ project_id }}"
env_slug: "dev"
path: "/"
secret_name: "API_KEY"
secret_value: "my-api-key"
secret_comment: "API key for external service"
register: created_secret
- name: Update a secret
infisical.vault.update_secret:
login_data: "{{ infisical_login.login_data }}"
project_id: "{{ project_id }}"
env_slug: "dev"
path: "/"
secret_name: "API_KEY"
secret_value: "new-api-key"
register: updated_secret
- name: Rename a secret
infisical.vault.update_secret:
login_data: "{{ infisical_login.login_data }}"
project_id: "{{ project_id }}"
env_slug: "dev"
path: "/"
secret_name: "OLD_SECRET_NAME"
new_secret_name: "NEW_SECRET_NAME"
register: renamed_secret
- name: Delete a secret
infisical.vault.delete_secret:
login_data: "{{ infisical_login.login_data }}"
project_id: "{{ project_id }}"
env_slug: "dev"
path: "/"
secret_name: "API_KEY"
register: deleted_secret
```
### Dynamic Secrets
Dynamic secrets generate credentials on-demand with automatic expiration. They support various providers like SQL databases, AWS, GCP, Azure, and more. For the full list of supported providers and their configuration options, see the [Dynamic Secrets documentation](/documentation/platform/dynamic-secrets/overview).
#### Creating a Dynamic Secret
```yaml
# Create a dynamic secret for PostgreSQL
- name: Create a PostgreSQL dynamic secret
infisical.vault.create_dynamic_secret:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
name: "postgres-dev"
provider_type: "sql-database"
inputs:
client: "postgres"
host: "localhost"
port: 5432
database: "mydb"
username: "admin"
password: "admin-password"
creationStatement: "CREATE USER \"{{username}}\" WITH PASSWORD '{{password}}';"
revocationStatement: "DROP USER \"{{username}}\";"
default_ttl: "1h"
max_ttl: "24h"
register: dynamic_secret
```
<Note>
For the full list of supported provider types and their input configurations, see the [Dynamic Secrets API Documentation](https://infisical.com/docs/api-reference/endpoints/dynamic-secrets/create#body-provider).
</Note>
#### Getting and Using Dynamic Secret Credentials
To use a dynamic secret, you need to create a **lease** which generates the actual credentials:
```yaml
# Create a lease to get database credentials
- name: Get database credentials
infisical.vault.create_dynamic_secret_lease:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
dynamic_secret_name: "postgres-dev"
ttl: "30m"
register: lease
# Use the generated credentials
- name: Connect to database
community.postgresql.postgresql_query:
login_host: localhost
login_user: "{{ lease.data.DB_USERNAME }}"
login_password: "{{ lease.data.DB_PASSWORD }}"
db: mydb
query: "SELECT version();"
```
#### Managing Leases
```yaml
# Get lease details
- name: Get lease information
infisical.vault.get_dynamic_secret_lease:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
lease_id: "{{ lease.lease.id }}"
register: lease_details
# Renew a lease before it expires
- name: Renew a lease for 2 more hours
infisical.vault.renew_dynamic_secret_lease:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
lease_id: "{{ lease.lease.id }}"
ttl: "2h"
register: renewed_lease
# Revoke the credentials when done
- name: Delete the lease
infisical.vault.delete_dynamic_secret_lease:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
lease_id: "{{ lease.lease.id }}"
```
#### Updating and Deleting Dynamic Secrets
```yaml
# Update a dynamic secret's TTL
- name: Update dynamic secret TTL
infisical.vault.update_dynamic_secret:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
name: "postgres-dev"
default_ttl: "2h"
max_ttl: "48h"
register: updated_secret
# Delete a dynamic secret (also revokes all active leases)
- name: Delete a dynamic secret
infisical.vault.delete_dynamic_secret:
login_data: "{{ infisical_login.login_data }}"
project_slug: "my-project"
env_slug: "dev"
path: "/"
name: "postgres-dev"
register: deleted_secret
```
## Troubleshoot
<Accordion title="I'm getting a error related to objc[72832]: +[__NSCFConstantString initialize]">
If you get this Python error when you running the lookup plugin:-

256
docs/sdks/languages/python.mdx
View File

@@ -71,8 +71,9 @@ The SDK methods are organized into the following high-level categories:
1. `auth`: Handles authentication methods.
2. `secrets`: Manages CRUD operations for secrets.
3. `kms`: Perform cryptographic operations with Infisical KMS.
4. `folders`: Manages folder-related operations.
3. `dynamic_secrets`: Manages dynamic secrets and leases.
4. `kms`: Perform cryptographic operations with Infisical KMS.
5. `folders`: Manages folder-related operations.
### `auth`
@@ -283,6 +284,257 @@ deleted_secret = client.secrets.delete_secret_by_name(
**Returns:**
- `BaseSecret`: The response after deleting the secret.
### `dynamic_secrets`
This sub-class handles operations related to dynamic secrets. Dynamic secrets generate credentials on-demand with automatic expiration. For more information, see the [Dynamic Secrets documentation](/documentation/platform/dynamic-secrets/overview).
#### Create Dynamic Secret
```python
from infisical_sdk import DynamicSecretProviders
dynamic_secret = client.dynamic_secrets.create(
name="postgres-dev",
provider_type=DynamicSecretProviders.SQL_DATABASE,
inputs={
"client": "postgres",
"host": "localhost",
"port": 5432,
"database": "mydb",
"username": "admin",
"password": "admin-password",
"creationStatement": "CREATE USER \"{{username}}\" WITH PASSWORD '{{password}}';",
"revocationStatement": "DROP USER \"{{username}}\";"
},
default_ttl="1h",
max_ttl="24h",
project_slug="my-project",
environment_slug="dev",
path="/",
metadata=[{"key": "team", "value": "backend"}] # Optional
)
```
**Parameters:**
- `name` (str): The name of the dynamic secret.
- `provider_type` (Union[DynamicSecretProviders, str]): The provider type (e.g., `DynamicSecretProviders.SQL_DATABASE`).
- `inputs` (Dict[str, Any]): The provider-specific configuration inputs. See the [Dynamic Secrets API documentation](/api-reference/endpoints/dynamic-secrets/create) for provider-specific inputs.
- `default_ttl` (str): The default time to live for leases (e.g., "1h", "30m").
- `max_ttl` (str): The maximum time to live for leases (e.g., "24h").
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to create the dynamic secret.
- `path` (str, optional): The path where the dynamic secret will be created. Defaults to "/".
- `metadata` (List[Dict[str, str]], optional): Optional list of metadata items with 'key' and 'value'.
**Returns:**
- `DynamicSecret`: The created dynamic secret.
#### Supported Provider Types
The `DynamicSecretProviders` enum includes the following providers:
| Provider | Enum Value |
| -------- | ---------- |
| AWS ElastiCache | `DynamicSecretProviders.AWS_ELASTICACHE` |
| AWS IAM | `DynamicSecretProviders.AWS_IAM` |
| Azure Entra ID | `DynamicSecretProviders.AZURE_ENTRA_ID` |
| Azure SQL Database | `DynamicSecretProviders.AZURE_SQL_DATABASE` |
| Cassandra | `DynamicSecretProviders.CASSANDRA` |
| Couchbase | `DynamicSecretProviders.COUCHBASE` |
| Elasticsearch | `DynamicSecretProviders.ELASTICSEARCH` |
| GCP IAM | `DynamicSecretProviders.GCP_IAM` |
| GitHub | `DynamicSecretProviders.GITHUB` |
| Kubernetes | `DynamicSecretProviders.KUBERNETES` |
| LDAP | `DynamicSecretProviders.LDAP` |
| MongoDB Atlas | `DynamicSecretProviders.MONGO_ATLAS` |
| MongoDB | `DynamicSecretProviders.MONGODB` |
| RabbitMQ | `DynamicSecretProviders.RABBITMQ` |
| Redis | `DynamicSecretProviders.REDIS` |
| SAP ASE | `DynamicSecretProviders.SAP_ASE` |
| SAP HANA | `DynamicSecretProviders.SAP_HANA` |
| Snowflake | `DynamicSecretProviders.SNOWFLAKE` |
| SQL Database | `DynamicSecretProviders.SQL_DATABASE` |
| TOTP | `DynamicSecretProviders.TOTP` |
| Vertica | `DynamicSecretProviders.VERTICA` |
#### Get Dynamic Secret by Name
```python
dynamic_secret = client.dynamic_secrets.get_by_name(
name="postgres-dev",
project_slug="my-project",
environment_slug="dev",
path="/"
)
```
**Parameters:**
- `name` (str): The name of the dynamic secret.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to retrieve the dynamic secret.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
**Returns:**
- `DynamicSecret`: The dynamic secret.
#### Update Dynamic Secret
```python
updated_secret = client.dynamic_secrets.update(
name="postgres-dev",
project_slug="my-project",
environment_slug="dev",
path="/",
default_ttl="2h", # Optional
max_ttl="48h", # Optional
new_name="postgres-dev-updated", # Optional
inputs={"port": 5433}, # Optional - updated provider inputs
metadata=[{"key": "team", "value": "platform"}], # Optional
username_template="dev-{{identity.name}} # Optional
)
```
**Parameters:**
- `name` (str): The current name of the dynamic secret.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to update the dynamic secret.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
- `default_ttl` (str, optional): The new default time to live for leases.
- `max_ttl` (str, optional): The new maximum time to live for leases.
- `new_name` (str, optional): The new name for the dynamic secret.
- `inputs` (Dict[str, Any], optional): Updated provider-specific configuration inputs.
- `metadata` (List[Dict[str, str]], optional): Updated metadata list with 'key' and 'value' items.
- `username_template` (str, optional): The new username template for the dynamic secret.
**Returns:**
- `DynamicSecret`: The updated dynamic secret.
#### Delete Dynamic Secret
```python
deleted_secret = client.dynamic_secrets.delete(
name="postgres-dev",
project_slug="my-project",
environment_slug="dev",
path="/",
is_forced=False # Optional
)
```
**Parameters:**
- `name` (str): The name of the dynamic secret to delete.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to delete the dynamic secret.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
- `is_forced` (bool, optional): A boolean flag to delete the dynamic secret from Infisical without trying to remove it from the external provider. Defaults to `False`.
**Returns:**
- `DynamicSecret`: The deleted dynamic secret.
### `dynamic_secrets.leases`
This sub-class handles operations related to dynamic secret leases. A lease represents a set of generated credentials with a specific TTL.
#### Create Lease
Create a lease to generate credentials from a dynamic secret:
```python
lease_response = client.dynamic_secrets.leases.create(
dynamic_secret_name="postgres-dev",
project_slug="my-project",
environment_slug="dev",
path="/",
ttl="30m" # Optional
)
# Access the generated credentials
username = lease_response.data["DB_USERNAME"]
password = lease_response.data["DB_PASSWORD"]
lease_id = lease_response.lease.id
```
**Parameters:**
- `dynamic_secret_name` (str): The name of the dynamic secret to create a lease for.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to create the lease.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
- `ttl` (str, optional): The time to live for the lease (e.g., "1h", "30m").
**Returns:**
- `CreateLeaseResponse`: Response containing:
- `lease`: The lease object with ID, expiration, and metadata.
- `dynamicSecret`: The associated dynamic secret.
- `data`: The generated credentials. The structure depends on the dynamic secret provider.
#### Get Lease
```python
lease = client.dynamic_secrets.leases.get(
lease_id="<lease-id>",
project_slug="my-project",
environment_slug="dev",
path="/"
)
```
**Parameters:**
- `lease_id` (str): The ID of the lease to retrieve.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to retrieve the lease.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
**Returns:**
- `DynamicSecretLease`: The lease with dynamicSecret included.
#### Renew Lease
Extend the TTL of an existing lease:
```python
renewed_lease = client.dynamic_secrets.leases.renew(
lease_id="<lease-id>",
project_slug="my-project",
environment_slug="dev",
path="/",
ttl="2h" # Optional - new TTL
)
```
**Parameters:**
- `lease_id` (str): The ID of the lease to renew.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to renew the lease.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
- `ttl` (str, optional): The new time to live for the lease.
**Returns:**
- `DynamicSecretLease`: The renewed lease.
#### Delete Lease
Revoke a lease and its associated credentials:
```python
deleted_lease = client.dynamic_secrets.leases.delete(
lease_id="<lease-id>",
project_slug="my-project",
environment_slug="dev",
path="/",
is_forced=False # Optional
)
```
**Parameters:**
- `lease_id` (str): The ID of the lease to delete.
- `project_slug` (str): The slug of your project.
- `environment_slug` (str): The environment in which to delete the lease.
- `path` (str, optional): The path to the dynamic secret. Defaults to "/".
- `is_forced` (bool, optional): A boolean flag to delete the lease from Infisical without trying to remove it from the external provider. Defaults to `False`.
**Returns:**
- `DynamicSecretLease`: The deleted lease.
### `kms`
This sub-class handles KMS related operations:

2
frontend/src/pages/secret-manager/SecretDashboardPage/components/DynamicSecretListView/DynamicSecretListView.tsx
View File

@@ -150,7 +150,7 @@ export const DynamicSecretListView = ({
metadata: secret.metadata
})}
renderTooltip
allowedLabel="Edit"
allowedLabel="Generate Lease"
>
{(isAllowed) => (
<Button