Description:

Nationwide Building Society has requested the ability to change the secret manager connector reference for existing secrets within Harness.

Currently, Harness does not allow updating the connector (i.e., the secret manager reference) once a secret is created. In their setup, they are using Vault as the secret manager and have two connectors configured to point to the same Vault instance — ConnectorA and ConnectorB. All existing secrets were initially created using ConnectorA. They now want the flexibility to update those secrets to reference ConnectorB instead, without recreating the secrets.

Use Case:

Organizations often configure multiple connectors pointing to the same backend secret manager for reasons such as scoping, access control, or organizational structure. Over time, there might be a need to switch the connector used by existing secrets — either due to connector deprecation, policy changes, or infrastructure updates. Currently, this is not supported in the UI or via YAML, and users are forced to manually recreate secrets.