[DOCS] Revert CLI partials (#29005)

* Remove linking added earlier this week and revert to the previous partial template.

* Revert template in readme

website/content/partials/cli/README.md

@@ -16,6 +16,7 @@ The `agent` family of commands is malformed. Rather than having a root node
 root command is runnable.
 
 
+
 ## Why partials?
 
 We document CLI command arguments, options, and flags as partials:
@@ -66,20 +67,15 @@ partials/global-settings/both   parameters that exits as flags and variables
 ### Template 1 - command-specific parameters
 
 Use the following template for parameters that exist as command-exclusively
-arguments, flags, or options. "ANCHOR_ID" is the ID defined in the `<a id=...>`
+arguments, flags, or options.
-HTML tag.
 
 -- Template (start) --
 
 <a id="COMMAND_ROOT-[arg | option | flag]-NAME" />
 
 
-<a href="#ANCHOR_ID" style={{textDecorationLine:'none'}}>
-
 **`NAME (TYPE : DEFAULT)`**
 
-</a>
-
 DESCRIPTION
 
 **Example**: `EXAMPLE_OF_VALID_USE`
@@ -87,22 +83,19 @@ DESCRIPTION
 -- Template (end) --
 
 
-
 ### Template 2 - shared parameters
 
 Use the following template for parameters that exist as arguments, flags, or
 options that are not global but are shared across more than one command family.
-"ANCHOR_ID" is the ID defined in the `<a id=...>` HTML tag.
+
+-- Template (start) --
 
 <a id="shared-[arg | option | flag]-NAME" />
 
-
-<a href="#ANCHOR_ID" style={{textDecorationLine:'none'}}>
-
 **`NAME (TYPE : DEFAULT)`**
 
-</a>
-
 DESCRIPTION
 
-**Example**: `EXAMPLE_OF_VALID_USE`
+**Example**: `EXAMPLE_OF_VALID_USE`
+
+-- Template (end) --

website/content/partials/cli/agent/args/file_path.mdx

@@ -1,4 +1,6 @@
-- `file_path (string : "./agent.hcl")` ((#agent-arg-file_path))
+<a id="agent-arg-file_path" />
+
+**`file_path (string : "./agent.hcl")`**
 
 The path where Vault should save the generated configuration file.
 

website/content/partials/cli/agent/flags/config.mdx

@@ -1,5 +1,6 @@
-- `-config (string : <required>)` ((#agent-flag-config))
+<a id="agent-flag-config" />
 
+**`-config (string : <required>)`**
 
 Path to a single
 [Vault Agent configuration file](/vault/docs/agent-and-proxy/agent#configuration-file-options)

website/content/partials/cli/agent/flags/exec.mdx

@@ -1,4 +1,6 @@
-- `-exec (string : "")` ((#agent-flag-exec))
+<a id="agent-flag-exec" />
+
+**`-exec (string : "")`**
 
 Path to the command for child processes with optional arguments. Relative paths
 start from the current working directory when executed. Corresponds to

website/content/partials/cli/agent/flags/exit-after-auth.mdx

@@ -1,4 +1,6 @@
-- `-exit-after-auth (bool : false)` ((#agent-flag-exit-after-auth))
+<a id="agent-flag-exit-after-auth" />
+
+**`-exit-after-auth (bool : false)`**
 
 Exit with code `0` after a single successful auth. Success indicates successful
 token retrieval and write to sink.

website/content/partials/cli/agent/flags/path.mdx

@@ -1,4 +1,6 @@
-- `-path (string : "")` ((#agent-flag-path))
+<a id="agent-flag-path" />
+
+**`-path (string : "")`**
 
 Path to one or more `kv` secrets store. Paths that end with a wildcard (`*`)
 include all secrets under that path.

website/content/partials/cli/agent/flags/type.mdx

@@ -1,4 +1,6 @@
-- `-type (enum : <required>)` ((#agent-flag-type))
+<a id="agent-flag-type" />
+
+**`-type (enum : <required>)`**
 
 The configuration file entry to create.
 

website/content/partials/cli/audit/args/device_path.mdx

@@ -1,4 +1,6 @@
-- `device_path (string : <required>)` ((#audit-arg-device_path))
+<a id="audit-arg-device_path" />
+
+**`device_path (string : <required>)`**
 
 The internal path where Vault accesses the audit device. Audit device paths are
 unique across all audit devices.

website/content/partials/cli/audit/args/device_type.mdx

@@ -1,4 +1,6 @@
-- `audit-arg-device_type (enum : <required>)` ((#audit-arg-device_type))
+<a id="audit-arg-device_type" />
+
+**`device_type (enum : <required>)`**
 
 The audit device type to create.
 

website/content/partials/cli/audit/args/file/file_path.mdx

@@ -1,4 +1,6 @@
-- `file_path (string : <required>)` ((#audit-arg-file-file_path))
+<a id="audit-arg-file-file_path" />
+
+**`file_path (string : <required>)`**
 
 Location on the audit log on the Vault server. Must be one of the following:
 

website/content/partials/cli/audit/args/file/mode.mdx

@@ -1,4 +1,6 @@
-- `mode (string : "0600")` ((#audit-arg-file-mode))
+<a id="audit-arg-file-mode" />
+
+**`mode (string : "0600")`**
 
 The `chmod`-style octal permissions for the audit file. Set `mode` to "0000" to
 prevent Vault from modifying the file mode.

website/content/partials/cli/audit/args/socket/address.mdx

@@ -1,4 +1,6 @@
-- `address (string : "")` ((#audit-arg-socket-address))
+<a id="audit-arg-socket-address" />
+
+**`address (string : "")`**
 
 Location of the socket as a server IP and port or a local path.
 

website/content/partials/cli/audit/args/socket/socket_type.mdx

@@ -1,4 +1,6 @@
-- `socket_type (string : "tcp")` ((#audit-arg-socket-socket_type))
+<a id="audit-arg-socket-socket_type" />
+
+**`socket_type (string : "tcp")`**
 
 Communication protocol expected by the socket. Vault can write to any
 [net.Dialer](https://pkg.go.dev/net#Dialer)-compatible socket. If a TCP socket

website/content/partials/cli/audit/args/socket/write_timeout.mdx

@@ -1,4 +1,6 @@
-- `write_timeout (string : "2s")` ((#audit-arg-socket-write_timeout))
+<a id="audit-arg-socket-write_timeout" />
+
+**`write_timeout (string : "2s")`**
 
 Duration in seconds that Vault will wait for a write to complete over the
 socket. Setting `write_timeout` to `0` disables time outs and forces Vault to

website/content/partials/cli/audit/args/syslog/facility.mdx

@@ -1,4 +1,6 @@
-- `facility (string : "AUTH")` ((#audit-arg-syslog-facility))
+<a id="audit-arg-syslog-facility" />
+
+**`facility (string : "AUTH")`**
 
 The process that generated the syslog entry (the syslog facility).
 

website/content/partials/cli/audit/args/syslog/tag.mdx

@@ -1,4 +1,6 @@
-- `tag (string : "vault")` ((#audit-arg-syslog-tag))
+<a id="audit-arg-syslog-tag" />
+
+**`tag (string : "vault")`**
 
 The program that generated the syslog entry.
 

website/content/partials/cli/audit/flags/description.mdx

@@ -1,4 +1,6 @@
-- `-description (string : "")` ((#audit-flag-description))
+<a id="audit-flag-description" />
+
+**`-description (string : "")`**
 
 A human-friendly string that explains the purpose of the audit device.
 

website/content/partials/cli/audit/flags/detailed.mdx

@@ -1,4 +1,6 @@
-- `-detailed (bool : false)` ((#audit-flag-detailed))
+<a id="audit-flag-detailed" />
+
+**`-detailed (bool : false)`**
 
 Print detailed information such as options and replication status about each
 audit device.

website/content/partials/cli/audit/flags/local.mdx

@@ -1,6 +1,8 @@
-- `-local (bool : false)` ((#audit-flag-local))
+<a id="audit-flag-local" />
+
+**`-local (bool : false)`**
 
 Indicates that the audit device is local to the Vault server and ignored by
 replication.
 
-**Example**: `-local`
+**Example**: `-local`

website/content/partials/cli/audit/flags/path.mdx

@@ -1,4 +1,6 @@
-- `-path (string : "/<device_type>")` ((#audit-flag-path))
+<a id="audit-flag-path" />
+
+**`-path (string : "/<device_type>")`**
 
 The internal path where Vault will access the audit device. Audit device paths
 must be unique across all audit devices.

website/content/partials/cli/audit/options/elide_list_responses.mdx

@@ -1,4 +1,6 @@
-- `elide_list_responses (bool : false)` ((#audit-option-elide_list_responses))
+<a id="audit-option-elide_list_responses" />
+
+**`elide_list_responses (bool : false)`**
 
 Replace the details for `response.data.keys` and `response.data.key_info` with
 the number of entries to reduce the size of audit records. See

website/content/partials/cli/audit/options/exclude.mdx

@@ -1,5 +1,6 @@
-- `exclude (string : "")` ((#audit-option-exclude)) <EnterpriseAlert inline="true" />
+<a id="audit-option-exclude" />
 
+**`exclude (string : "")`** <EnterpriseAlert inline="true" />
 
 Remove any fields matching the provided
 [exclusion filtering rules](/vault/docs/enterprise/audit/exclusion) from the

website/content/partials/cli/audit/options/fallback.mdx

@@ -1,4 +1,6 @@
-- `fallback (bool : false)` ((#audit-option-fallback))  <EnterpriseAlert inline="true" />
+<a id="audit-option-fallback" />
+
+**`fallback (bool : false)`**  <EnterpriseAlert inline="true" />
 
 The audit device is the fallback for filtering purposes.
 **Vault only supports one fallback audit device at a time**.

website/content/partials/cli/audit/options/filter.mdx

@@ -1,4 +1,6 @@
-- `filter (string : "")` ((#audit-option-filter))  <EnterpriseAlert inline="true" />
+<a id="audit-option-filter" />
+
+**`filter (string : "")`** <EnterpriseAlert inline="true" />
 
 Only write audit log entries matching the provided
 [filtering expression](/vault/docs/enterprise/audit/filtering) to the audit

website/content/partials/cli/audit/options/format.mdx

@@ -1,4 +1,6 @@
-- `format (enum : json)` ((#audit-option-format))
+<a id="audit-option-format" />
+
+**`format (enum : json)`**
 
 Write audit log entries in the provided format.
 

website/content/partials/cli/audit/options/hmac_accessor.mdx

@@ -1,4 +1,6 @@
-- `hmac_accessor (bool : true)` ((#audit-option-hmac_accessor))
+<a id="audit-option-hmac_accessor" />
+
+**`hmac_accessor (bool : true)`**
 
 Hash all token accessor data before writing to the audit device.
 

website/content/partials/cli/audit/options/log_raw.mdx

@@ -1,4 +1,6 @@
-- `log_raw (bool : false)` ((#audit-option-log_raw))
+<a id="audit-option-log_raw" />
+
+**`log_raw (bool : false)`**
 
 Hash all sensitive security information before writing to the audit device.
 

website/content/partials/cli/audit/options/prefix.mdx

@@ -1,4 +1,6 @@
-- `prefix (string : "")` ((#audit-option-prefix))
+<a id="audit-option-prefix" />
+
+**`prefix (string : "")`**
 
 Prepend the provided string to each log entry when writing to the audit device.
 

website/content/partials/cli/shared/flags/log-file.mdx

@@ -1,4 +1,6 @@
-- `-log-file (string : "./<service>.log")` ((#shared-flag-log-file))
+<a id="shared-flag-log-file" />
+
+**`-log-file (string : "./<service>.log")`**
 
 Absolute path where Vault Agent saves logging data.
 

website/content/partials/cli/shared/flags/log-rotate-bytes.mdx

@@ -1,4 +1,6 @@
-- `-log-rotate-bytes (int : <unset>)` ((#shared-flag-log-rotate-bytes))
+<a id="shared-flag-log-rotate-bytes" />
+
+**`-log-rotate-bytes (int : <unset>)`**
 
 File size, in bytes, after which log files must rotate. Leave `log-rotate-bytes`
 unset if you prefer not to limit log file size.

website/content/partials/cli/shared/flags/log-rotate-duration.mdx

@@ -1,4 +1,6 @@
-- `-log-rotate-duration (string : "24h")` ((#shared-flag-log-rotate-duration))
+<a id="shared-flag-log-rotate-duration" />
+
+**`-log-rotate-duration (string : "24h")`**
 
 Amount of time, in `<number>[s|m|h|d]` format, after which log files must
 rotate.

website/content/partials/cli/shared/flags/log-rotate-max-files.mdx

@@ -1,4 +1,6 @@
-- `-log-rotate-max-files (int : 0)` ((#shared-flag-log-rotate-max-files))
+<a id="shared-flag-log-rotate-max-files" />
+
+**`-log-rotate-max-files (int : 0)`**
 
 The number of log file archives to preserve over time:
 

website/content/partials/global-settings/both/address.mdx

@@ -1,4 +1,6 @@
-- `[-address | VAULT_ADDR] (string : 'https://127.0.0.1:8200')` ((#global-address))
+<a id="global-address" />
+
+**`[-address | VAULT_ADDR] (string : 'https://127.0.0.1:8200')`**
 
 Address of the Vault server.
 
@@ -6,4 +8,3 @@ Address of the Vault server.
 
 - CLI flag: `-address "https://mydomain/vault:8200"`
 - Environment variable: `export VAULT_ADDR="https://mydomain/vault:8200"`
-

website/content/partials/global-settings/both/agent-address.mdx

@@ -1,4 +1,6 @@
-- `[-agent-address | VAULT_AGENT_ADDR] (string : "")` ((#global-agent-address))
+<a id="global-agent-address" />
+
+**`[-agent-address | VAULT_AGENT_ADDR] (string : "")`**
 
 Address of the Vault Agent, if used.
 
@@ -6,4 +8,3 @@ Address of the Vault Agent, if used.
 
 - CLI flag: `-agent-address "https://mydomain/vault-agent:8200"`
 - Environment variable: `export VAULT_AGENT_ADDR="https://mydomain/vault-agent:8200"`
-

website/content/partials/global-settings/both/ca-cert.mdx

@@ -1,4 +1,6 @@
-- `[-ca-cert | VAULT_CACERT] (string : "")` ((#global-ca-cert))
+<a id="global-ca-cert" />
+
+**`[-ca-cert | VAULT_CACERT] (string : "")`**
 
 Path to a PEM-encoded CA certificate file on the local disk. Used to verify SSL
 certificates for the server. **Takes precedence over `-ca_path`**.
@@ -7,4 +9,3 @@ certificates for the server. **Takes precedence over `-ca_path`**.
 
 - CLI flag: `-ca-cert "/path/to/certs/mycert.pem"`
 - Environment variable: `export VAULT_CACERT="/path/to/certs/mycert.pem"`
-

website/content/partials/global-settings/both/ca-path.mdx

@@ -1,4 +1,6 @@
-- `[-ca-path | VAULT_CAPATH] (string : "")` ((#global-ca-path))
+<a id="global-ca-path" />
+
+**`[-ca-path | VAULT_CAPATH] (string : "")`**
 
 Path to a directory with PEM-encoded CA certificate files on the local disk.
 Used to verify SSL certificates for the server.
@@ -7,4 +9,3 @@ Used to verify SSL certificates for the server.
 
 - CLI flag: `-ca-path "/path/to/certs/dir"`
 - Environment variable: `export VAULT_CAPATH="/path/to/certs/dir"`
-

website/content/partials/global-settings/both/client-cert.mdx

@@ -1,4 +1,6 @@
-- `[-client-cert | VAULT_CLIENT_CERT] (string : "")` ((#global-client-cert))
+<a id="global-client-cert" />
+
+**`[-client-cert | VAULT_CLIENT_CERT] (string : "")`**
 
 Path to a PEM-encoded CA certificate file on the local disk. Used for TLS
 communication with the server. **The specified certificate must match to the
@@ -8,4 +10,3 @@ private key specified with `-client-cert`**.
 
 - CLI flag: `-client-cert "/path/to/certs/mycert.pem"`
 - Environment variable: `export VAULT_CLIENT_CERT="/path/to/certs/mycert.pem"`
-

website/content/partials/global-settings/both/client-key.mdx

@@ -1,4 +1,6 @@
-- `[-client-key | VAULT_CLIENT_KEY] (string : "")` ((#global-client-key))
+<a id="global-client-key" />
+
+**`[-client-key | VAULT_CLIENT_KEY] (string : "")`**
 
 Path to a PEM-encoded private key that matches the client certificate set with
 `-client-cert`.
@@ -7,4 +9,3 @@ Path to a PEM-encoded private key that matches the client certificate set with
 
 - CLI flag: `-client-key "/path/to/keys/myprivatekey.pem"`
 - Environment variable: `export VAULT_CLIENT_KEY="/path/to/keys/myprivatekey.pem"`
-

website/content/partials/global-settings/both/disable-redirects.mdx

@@ -1,4 +1,6 @@
-- `[-disable-redirects | VAULT_DISABLE_REDIRECTS] (bool : false)` ((#global-disable-redirects))
+<a id="global-disable-redirects" />
+
+**`[-disable-redirects | VAULT_DISABLE_REDIRECTS] (bool : false)`**
 
 Disable the default CLI redirect behavior so the CLI honors the first redirect
 response from the underlying API instead of following the full HTTP redirect
@@ -16,4 +18,3 @@ chain.
   misbehave.
 
 </Warning>
-

website/content/partials/global-settings/both/format.mdx

@@ -1,4 +1,6 @@
-- `[-format | VAULT_FORMAT] (enum: table)` ((#global-format))
+<a id="global-format" />
+
+**`[-format | VAULT_FORMAT] (enum: table)`**
 
 Set the CLI output format.
 
@@ -13,4 +15,3 @@ Value   | Description
 
 - CLI flag: `-format json`
 - Environment variable: `export VAULT_FORMAT=json`
-

website/content/partials/global-settings/both/log-format.mdx

@@ -1,4 +1,6 @@
-- `[-log-format | VAULT_LOG_FORMAT] (enum : standard)` ((#global-log-format))
+<a id="global-log-format" />
+
+**`[-log-format | VAULT_LOG_FORMAT] (enum : standard)`**
 
 Format of log data:
 

website/content/partials/global-settings/both/log-level.mdx

@@ -1,4 +1,6 @@
-- `[-log-level | VAULT_LOG_LEVEL] (enum : info)` ((#global-vault_log-level))
+<a id="global-log-level" />
+
+**`[-log-level | VAULT_LOG_LEVEL] (enum : info)`**
 
 Default logging level for the Vault server.
 
@@ -14,4 +16,3 @@ Enum    | Logging behavior
 
 - CLI flag: `-log-level debug`
 - Environment variable: `export VAULT_LOG_LEVEL=debug`
-

website/content/partials/global-settings/both/mfa.mdx

@@ -1,4 +1,6 @@
-- `[-mfa | VAULT_MFA] (string : "")` ((#global-mfa))  <EnterpriseAlert inline="true" />
+<a id="global-mfa" />
+
+**`[-mfa | VAULT_MFA] (string : "")`** <EnterpriseAlert inline="true" />
 
 A multi-factor authentication (MFA) credential, in the format
 `mfa_method_name[:key[=value]]`, that the CLI should use to authenticate to
@@ -17,5 +19,3 @@ underlying API endpoint.
   MFA methods, use the `-mfa` CLI flag and repeat the flag as needed.
 
 </Note>
-
-

website/content/partials/global-settings/both/namespace.mdx

@@ -1,4 +1,6 @@
-- `[-namespace | -ns | VAULT_NAMESPACE] (string : <unset>)` ((#global-namespace))
+<a id="global-namespace" />
+
+**`[-namespace | -ns | VAULT_NAMESPACE] (string : <unset>)`**
 
 Root namespace for the CLI command. Setting a default namespace allow relative
 mount paths.
@@ -7,4 +9,3 @@ mount paths.
 
 - CLI flag: `-namespace "admin"`
 - Environment variable: `export VAULT_NAMESPACE="admin"`
-

website/content/partials/global-settings/both/tls-server-name.mdx

@@ -1,4 +1,6 @@
-- `[-tls-server-name | VAULT_TLS_SERVER_NAME] (string : "")` ((#global-tls-server-name))
+<a id="global-tls-server-name" />
+
+**`[-tls-server-name | VAULT_TLS_SERVER_NAME] (string : "")`**
 
 Name of the SNI host for TLS handshake resolution for TLS connections to Vault.
 
@@ -6,4 +8,3 @@ Name of the SNI host for TLS handshake resolution for TLS connections to Vault.
 
 - CLI flag: `-tls-server-name "hostname.domain"`
 - Environment variable: `export VAULT_TLS_SERVER_NAME="hostname.domain"`
-

website/content/partials/global-settings/both/tls-skip-verify.mdx

@@ -1,4 +1,6 @@
-- `[-tls-skip-verify | VAULT_SKIP_VERIFY] (bool : false)` ((#global-tls-skip-verify))
+<a id="global-tls-skip-verify" />
+
+**`[-tls-skip-verify | VAULT_SKIP_VERIFY] (bool : false)`**
 
 Disable verification for all TLS certificates. **Use with caution**. Disabling
 TLS certificate verification decreases the security of data transmissions to and
@@ -8,4 +10,3 @@ from the Vault server.
 
 - CLI flag: `-tls-skip-verify`
 - Environment variable: `export VAULT_SKIP_VERIFY=1`
-

website/content/partials/global-settings/both/wrap-ttl.mdx

@@ -1,4 +1,6 @@
-- `[-wrap-ttl | VAULT_WRAP_TTL] (string : "")` ((#global-wrap-ttl))
+<a id="global-wrap-ttl" />
+
+**`[-wrap-ttl | VAULT_WRAP_TTL] (string : "")`**
 
 Default time-to-live in `<number>[s|m|h|d]` format for the Cubbyhole token used
 to wrap CLI responses. You must use `vault unwrap` to view response data before
@@ -8,4 +10,3 @@ the duration expires. Leave `wrap_ttl` unset to leave CLI responses unwrapped.
 
 - CLI flag: `-wrap-ttl "5m"`
 - Environment variable: `export VAULT_WRAP_TTL="5m"`
-

website/content/partials/global-settings/env/cli_no_color.mdx

@@ -1,7 +1,7 @@
-- `VAULT_CLI_NO_COLOR (bool : true)` ((#global-cli_no_color))
+<a id="global-vault_cli_no_color" />
+
+**`VAULT_CLI_NO_COLOR (bool : true)`**
 
 Exclude ANSI color escape sequence characters from the CLI output.
 
 **Example**: `export VAULT_CLI_NO_COLOR=0`
-
-

website/content/partials/global-settings/env/client_timeout.mdx

@@ -1,7 +1,8 @@
-- `VAULT_CLIENT_TIMEOUT (string : "60s")` ((#standard-vault_client_timeout))
+<a id="global-vault_client_timeout" />
+
+**`VAULT_CLIENT_TIMEOUT (string : "60s")`**
 
 Amount of time, in `<number>[s|m|h|d]` format, the CLI should wait on a response
 from Vault.
 
 **Example**: `export VAULT_CLIENT_TIMEOUT="2m"`
-

website/content/partials/global-settings/env/cluster_addr.mdx

@@ -1,7 +1,8 @@
-- `VAULT_CLUSTER_ADDR (string : "")` ((#global-vault_cluster_addr))
+<a id="global-vault_cluster_addr" />
+
+**`VAULT_CLUSTER_ADDR (string : "")`**
 
 Address of the local Vault node. Vault uses cluster addresses for
 cluster-to-cluster communication when running in high-availability mode.
 
 **Example**: `export VAULT_CLUSTER_ADDR="https://127.0.0.1:8201"`
-

website/content/partials/global-settings/env/http_proxy.mdx

@@ -1,5 +1,5 @@
-- `VAULT_HTTP_PROXY (string : "")` ((#global-vault_http_proxy))
+<a id="global-vault_http_proxy" />
+
+**`VAULT_HTTP_PROXY (string : "")`**
 
 Legacy alias for `VAULT_PROXY_ADDR`.
-
-

website/content/partials/global-settings/env/license.mdx

@@ -1,12 +1,9 @@
-- `VAULT_LICENSE (string : "")` ((#global-vault_license))  <EnterpriseAlert inline="true" />
+<a id="global-vault_license" />
+
+**`VAULT_LICENSE (string : "")`** <EnterpriseAlert inline="true" />
 
 Vault Enterprise license string for the local server or node. `VAULT_LICENSE`
 takes precedence over `VAULT_LICENSE_PATH` **and** the `license_path` parameter
 in the Vault configuration file.
 
 **Example**: `export VAULT_LICENSE="02MV4UU43BK5..."`
-
-
-
-
-

website/content/partials/global-settings/env/license_path.mdx

@@ -1,4 +1,6 @@
-- `VAULT_LICENSE_PATH (string : "")` ((#global-vault_license_path))  <EnterpriseAlert inline="true" />
+<a id="global-vault_license_path" />
+
+**`VAULT_LICENSE_PATH (string : "")`** <EnterpriseAlert inline="true" />
 
 Local path to a file containing a valid Vault Enterprise license for the server
 or node. `VAULT_LICENSE_PATH` takes precedence over the `license_path` parameter

website/content/partials/global-settings/env/max_retries.mdx

@@ -1,4 +1,6 @@
-- `VAULT_MAX_RETRIES (integer : 2)` ((#global-vault_max_retries))
+<a id="global-vault_max_retries" />
+
+**`VAULT_MAX_RETRIES (integer : 2)`**
 
 The number of times the CLI should retry a request to the Vault server when the
 CLI receives one of the following recoverable error codes:

website/content/partials/global-settings/env/proxy_addr.mdx

@@ -1,4 +1,6 @@
-- `VAULT_PROXY_ADDR (string : "")` ((#global-vault_proxy_addr))
+<a id="global-vault_proxy_addr" />
+
+**`VAULT_PROXY_ADDR (string : "")`**
 
 The HTTPS or HTTP address, including server and port, where clients can access
 Vault. Setting `VAULT_HTTP_PROXY` overrides the default proxy resolution

website/content/partials/global-settings/env/rate_limit.mdx

@@ -1,4 +1,6 @@
-- `VAULT_RATE_LIMIT (string : unset)` ((#global-vault_rate_limit))
+<a id="global-vault_rate_limit" />
+
+**`VAULT_RATE_LIMIT (string : unset)`**
 
 The number of operations per second, in `rate[:burst]` format, used to throttle
 requests between the CLI and the server. The `burst` value is optional and

website/content/partials/global-settings/env/redirect_addr.mdx

@@ -1,4 +1,6 @@
-- `VAULT_REDIRECT_ADDR (string : "")` ((#global-vault_redirect_addr))
+<a id="global-vault_redirect_addr" />
+
+**`VAULT_REDIRECT_ADDR (string : "")`**
 
 Local node address that listens for redirected client communication when Vault
 runs in high-availability mode.

website/content/partials/global-settings/env/skip_verify.mdx

@@ -1,4 +1,6 @@
-- `VAULT_SKIP_VERIFY (bool : false)` ((#global-vault_skip_verify))
+<a id="global-vault_skip_verify" />
+
+**`VAULT_SKIP_VERIFY (bool : false)`**
 
 Allow communication between the CLI and Vault server before verifying the
 authentication certificate presented by Vault.

website/content/partials/global-settings/env/srv_lookup.mdx

@@ -1,4 +1,6 @@
-- `VAULT_SRV_LOOKUP (bool : false)` ((#global-vault_srv_lookup))
+<a id="global-vault_srv_lookup" />
+
+**`VAULT_SRV_LOOKUP (bool : false)`**
 
 Use SRV records instead of standard DNS to look up hostnames as described in
 the Network Working Group draft

website/content/partials/global-settings/env/token.mdx

@@ -1,4 +1,6 @@
-- `VAULT_TOKEN (string : "")` ((#global-vault_token))
+<a id="global-vault_token" />
+
+**`VAULT_TOKEN (string : "")`**
 
 A Vault-issued service token that authenticates the CLI user to Vault.
 See the [tokens concepts page](/vault/docs/concepts/tokens) for more information

website/content/partials/global-settings/flags/header.mdx

@@ -1,4 +1,6 @@
-- `-header (string : "")` ((#global-header))
+<a id="global-header" />
+
+**`-header (string : "")`**
 
 Optional HTTP header in the form `"<key>=<value>"` for the CLI request. Repeat
 the `-header` flag as needed with one string per flag. User-defined headers

website/content/partials/global-settings/flags/non-interactive.mdx

@@ -1,4 +1,6 @@
-- `-non-interactive (bool : false)` ((#global-non-interactive))
+<a id="global-non-interactive" />
+
+**`-non-interactive (bool : false)`**
 
 Prevent the CLI from asking users for input through the terminal.
 

website/content/partials/global-settings/flags/output-curl-string.mdx

@@ -1,4 +1,6 @@
-- `-output-curl-string (bool : false)` ((#global-output-curl-string))
+<a id="global-output-curl-string" />
+
+**`-output-curl-string (bool : false)`**
 
 Print the API call(s) required to execute the CLI command  as `cURL` strings
 then exit without running the command.

website/content/partials/global-settings/flags/output-policy.mdx

@@ -1,4 +1,6 @@
-- `-output-policy (bool : false)` ((#global-output-policy))
+<a id="global-output-policy" />
+
+**`-output-policy (bool : false)`**
 
 Print the Vault policy required to execute the CLI command as HCL then exit
 without running the command.

website/content/partials/global-settings/flags/policy-override.mdx

@@ -1,6 +1,7 @@
-- `-policy-override (bool : false)` ((#global-policy-override))
+<a id="global-policy-override" />
+
+**`-policy-override (bool : false)`**
 
 Overrides any Sentinel policy where `enforcement_level` is "soft-mandatory".
 
 **Example**: `-policy-override`
-

website/content/partials/global-settings/flags/unlock-key.mdx

@@ -1,4 +1,6 @@
-- `-unlock-key (string : <unset>)` ((#global-unlock-key))
+<a id="global-unlock-key" />
+
+**`-unlock-key (string : <unset>)`**
 
 Plaintext key that unlocks the underlying API endpoint for a given namespace.