Apologies if I missed something, but as far as I can tell VaultSharp only supports database secrets if the roles use the password credential_type.
The return type of IDatabaseSecretsEngine.GetCredentialsAsync is Secret<UsernamePasswordCredentials>, implicitly assuming the response from Vault will contain the username and password fields, but if, for example, you have configured the role with the rsa_private_key credential type, the response from Vault would (unsurprisingly) return a rsa_private_key field instead of password.
Link to the Vault API Docs that support this feature
https://developer.hashicorp.com/vault/docs/secrets/databases#credential-types
https://developer.hashicorp.com/vault/api-docs/secret/databases#credential_type
Further Context
Snowflake is deprecating the use of username/password authentication for service accounts. Forcing us to switch to other credential types.
Apologies if I missed something, but as far as I can tell VaultSharp only supports
databasesecrets if the roles use thepasswordcredential_type.The return type of
IDatabaseSecretsEngine.GetCredentialsAsyncisSecret<UsernamePasswordCredentials>, implicitly assuming the response from Vault will contain theusernameandpasswordfields, but if, for example, you have configured the role with thersa_private_keycredential type, the response from Vault would (unsurprisingly) return arsa_private_keyfield instead ofpassword.Link to the Vault API Docs that support this feature
https://developer.hashicorp.com/vault/docs/secrets/databases#credential-types
https://developer.hashicorp.com/vault/api-docs/secret/databases#credential_type
Further Context
Snowflake is deprecating the use of username/password authentication for service accounts. Forcing us to switch to other credential types.