HashiDays One conference. Three cities. Find a city near you
HashiCorp Cloud Platform
HashiCorp Cloud Platform Home

Constraints and considerations

There are some intentional constraints regarding characteristics of certain features. It can be helpful to take these into consideration when planning your usage of HCP Vault Secrets.

Secret name constraints

Secret names must conform to the following rules:

  • Must be between 1 and 64 characters
  • Must start with ASCII letter or '_' and then only contain ASCII letters, digits, or '_'
    • secret names with '_' allows injecting secrets into envrionment variables for your applications using the CLI based run command

Secret value size

The current character limit for the secret value is 5120 characters per secret.

Usage Limits

Refer to API rate and resource limits for more information.

Deleting sync integrations

The sync construct is composed of two parts: the optional installation, which holds the authentication details to be reused, and the integration, which contains the sync configuration fields, and may optionally depend on the installation. Deleting sync integrations can be done via the UI or API. Deleting an installation can only be done via the API.

Unintended disconnection of sync integrations from app in API

There is a known bug with the raw API where a PATCH request to edit an App's Description without also passing the sync_integrations field will result in all sync integrations being disconnected from the Application. To get around this, edit your App's Description in the UI or CLI, or pass your App's existing integrations in as part of your PATCH request body even though you aren't changing them.

If you accidentally disconnect your App's integrations this way, you can attach them again with a second PATCH request, as the integrations were not deleted, just disconnected.

Audit log

The audit log viewer within the HCP UI HCP Vault Secret is at the application level. Events involving integration management are not captured in the UI log viewer and deleted application's audit logs are not retained within the UI log viewer. Use log streaming to view and retain these audit events.