Nick Cabatoff ncabatoff
ncabatoff
/ count_secrets.sh
Created
June 18, 2024 13:10
Script to collect the number of KV entries in a Vault cluster based on metrics
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| minutes=30 # Note that this script may take up to 30m to run, or longer if `minutes=30` was changed. | |
| # The count_secrets.sh script is intended to be used to query the sys/metrics endpoint of a Vault cluster and extract the | |
| # sum of all KV secrets counts across all namespaces. This relies on the | |
| # https://developer.hashicorp.com/vault/docs/configuration/telemetry#usage_gauge_period configuration not being disabled, | |
| # and on | |
| # https://developer.hashicorp.com/vault/docs/configuration/telemetry#prometheus_retention_time not being set to 0. | |
| # |