docs: update vault credentials docs

docs/airtable.md

@@ -23,14 +23,11 @@ create foreign data wrapper airtable_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'airtable');
-
 -- Save your Airtable API key in Vault and retrieve the `key_id`
-insert into vault.secrets (secret, key_id)
+insert into vault.secrets (name, secret)
 values (
-  'YOUR_SECRET',
-  (select id from pgsodium.valid_key where name = 'airtable')
+  'airtable',
+  'YOUR_SECRET'
 )
 returning key_id;
 ```
@@ -43,10 +40,10 @@ We need to provide Postgres with the credentials to connect to Airtable, and any
 
     ```sql
     create server airtable_server
-    foreign data wrapper airtable_wrapper
-    options (
-      api_key_id '<key_ID>' -- The Key ID from above.
-    );
+      foreign data wrapper airtable_wrapper
+      options (
+        api_key_id '<key_ID>' -- The Key ID from above.
+      );
     ```
 
 === "Without Vault"

docs/bigquery.md

@@ -37,20 +37,19 @@ create foreign data wrapper bigquery_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'bigquery');
-
 -- Save your BigQuery service account json in Vault and retrieve the `key_id`
-insert into vault.secrets (secret, key_id) values ('
-{
-  "type": "service_account",
-  "project_id": "your_gcp_project_id",
-  "private_key_id": "your_private_key_id",
-  "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n",
-  ...
-}
-',
-(select id from pgsodium.valid_key where name = 'bigquery')
+insert into vault.secrets (name, secret)
+values (
+  'bigquery',
+  '
+    {
+      "type": "service_account",
+      "project_id": "your_gcp_project_id",
+      "private_key_id": "your_private_key_id",
+      "private_key": "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n",
+      ...
+    }
+  '
 )
 returning key_id;
 ```
@@ -62,23 +61,13 @@ We need to provide Postgres with the credentials to connect to BigQuery, and any
 === "With Vault"
 
     ```sql
-    do $$
-    declare
-      key_id text;
-    begin
-      select id into key_id from pgsodium.valid_key where name = 'bigquery' limit 1;
-
-      execute format(
-        E'create server bigquery_server \n'
-        '   foreign data wrapper bigquery_wrapper \n'
-        '   options ( \n'
-        '     sa_key_id ''%s'', \n'
-        '     project_id ''your_gcp_project_id'', \n'
-        '     dataset_id ''your_gcp_dataset_id'' \n'
-        ' );',
-        key_id
+    create server bigquery_server
+      foreign data wrapper bigquery_wrapper
+      options (
+        sa_key_id '<key_ID>', -- The Key ID from above.
+        project_id 'your_gcp_project_id',
+        dataset_id 'your_gcp_dataset_id'
       );
-    end $$;
     ```
 
 === "Without Vault"

docs/clickhouse.md

@@ -40,14 +40,13 @@ create foreign data wrapper clickhouse_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'clickhouse');
-
 -- Save your ClickHouse credential in Vault and retrieve the `key_id`
-insert into vault.secrets (secret, key_id) values (
-  'tcp://default:@localhost:9000/default',
-  (select id from pgsodium.valid_key where name = 'clickhouse')
-) returning key_id;
+insert into vault.secrets (name, secret)
+values (
+  'clickhouse',
+  'tcp://default:@localhost:9000/default'
+)
+returning key_id;
 ```
 
 ### Connecting to ClickHouse
@@ -57,19 +56,11 @@ We need to provide Postgres with the credentials to connect to ClickHouse, and a
 === "With Vault"
 
     ```sql
-    do $$
-    declare
-      key_id text;
-    begin
-      select id into key_id from pgsodium.valid_key where name = 'clickhouse' limit 1;
-
-      execute format(
-        E'create server clickhouse_server \n'
-        '   foreign data wrapper clickhouse_server \n'
-        '   options (conn_string_id ''%s'');',
-        key_id
+    create server clickhouse_server
+      foreign data wrapper clickhouse_wrapper
+      options (
+        conn_string_id '<key_ID>' -- The Key ID from above.
       );
-    end $$;
     ```
 
 === "Without Vault"

docs/firebase.md

@@ -24,21 +24,16 @@ create foreign data wrapper firebase_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'firebase');
-
 -- Save your Firebase credentials in Vault and retrieve the `key_id`
-insert into
-  vault.secrets (secret, key_id)
-values 
-  (
-    '{
+insert into vault.secrets (name, secret)
+values (
+  'firebase',
+  '{
       "type": "service_account",
       "project_id": "your_gcp_project_id",
       ...
-    }',
-    (select id from pgsodium.valid_key where name = 'firebase')
-  )
+  }'
+)
 returning key_id;
 ```
 
@@ -52,7 +47,7 @@ We need to provide Postgres with the credentials to connect to Firebase, and any
     create server firebase_server
       foreign data wrapper firebase_wrapper
       options (
-        sa_key_id '<your key_id from above>'
+        sa_key_id '<key_ID>', -- The Key ID from above.
         project_id '<firebase_project_id>'
     );
     ```
@@ -70,7 +65,7 @@ We need to provide Postgres with the credentials to connect to Firebase, and any
             ...
          }
         ',
-         project_id 'firebase_project_id',
+         project_id 'firebase_project_id'
        );
     ```
 

docs/logflare.md

@@ -23,14 +23,11 @@ create foreign data wrapper logflare_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'logflare');
-
 -- Save your Logflare API key in Vault and retrieve the `key_id`
-insert into vault.secrets (secret, key_id)
+insert into vault.secrets (name, secret)
 values (
-  'YOUR_SECRET',
-  (select id from pgsodium.valid_key where name = 'logflare')
+  'logflare',
+  'YOUR_SECRET'
 )
 returning key_id;
 ```

docs/s3.md

@@ -56,22 +56,18 @@ create foreign data wrapper s3_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'vault_access_key_id');
-select pgsodium.create_key(name := 'vault_secret_access_key');
-
 -- Save your AWS credential in Vault and retrieve the `key_id`
-insert into vault.secrets (secret, key_id)
+insert into vault.secrets (name, secret)
 values (
-  '<access key id>',
-  (select id from pgsodium.valid_key where name = 'vault_access_key_id')
+  'vault_access_key_id',
+  '<access key id>'
 )
 returning key_id;
 
-insert into vault.secrets (secret, key_id)
+insert into vault.secrets (name, secret)
 values (
-  '<secret access key>',
-  (select id from pgsodium.valid_key where name = 'vault_secret_access_key')
+  'vault_secret_access_key',
+  '<secret access key>'
 )
 returning key_id;
 ```
@@ -87,7 +83,7 @@ We need to provide Postgres with the credentials to connect to S3, and any addit
       foreign data wrapper s3_wrapper
       options (
         vault_access_key_id '<your vault_access_key_id from above>',
-        vault_secret_access_key '<your vault_secret_access_key_id from above>',
+        vault_secret_access_key '<your vault_secret_access_key from above>',
         aws_region 'us-east-1'
       );
     ```

docs/stripe.md

@@ -21,14 +21,11 @@ create foreign data wrapper stripe_wrapper
 By default, Postgres stores FDW credentials inide `pg_catalog.pg_foreign_server` in plain text. Anyone with access to this table will be able to view these credentials. Wrappers is designed to work with [Vault](https://supabase.com/docs/guides/database/vault), which provides an additional level of security for storing credentials. We recommend using Vault to store your credentials.
 
 ```sql
--- Create a secure key using pgsodium:
-select pgsodium.create_key(name := 'stripe');
-
 -- Save your Stripe API key in Vault and retrieve the `key_id`
-insert into vault.secrets (secret, key_id)
+insert into vault.secrets (name, secret)
 values (
-  'YOUR_SECRET',
-  (select id from pgsodium.valid_key where name = 'stripe')
+  'stripe',
+  'YOUR_SECRET'
 )
 returning key_id;
 ```