scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 02:02:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Core: CLI Doc improvements to example read / write. (#19064)

Browse Source 
* Core: CLI Doc imporvements to example read / write. Resolves #16788

* Core: CLI Doc imporvements to example read / write. Resolves #16788. Updated Changelog filename.

* Core: CLI Doc imporvements to example read / write. Resolves #16788. Updated Changelog..

* Updated read example to use token lookup instead.
This commit is contained in:
aphorise
2024-08-09 17:48:21 +02:00
committed by GitHub
parent 7509ef169b
commit 88975a6c24
3 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
changelog/19064.txt Normal file
View File

@@ -0,0 +1,3 @@
```release-note:improvement
core/cli: Example 'help' pages for vault read / write docs improved.
```

12
command/read.go
View File

@@ -36,9 +36,17 @@ Usage: vault read [options] PATH
Reads data from Vault at the given path. This can be used to read secrets, Reads data from Vault at the given path. This can be used to read secrets,
generate dynamic credentials, get configuration details, and more. generate dynamic credentials, get configuration details, and more.
Read a secret from the static secrets engine: Read details of your own token:
$ vault read secret/my-secret $ vault read auth/token/lookup-self
Read entity details of a given ID:
$ vault read identity/entity/id/2f09126d-d161-abb8-2241-555886491d97
Generate credentials for my-role in an AWS secrets engine:
$ vault read aws/creds/my-role
For a full list of examples and paths, please see the documentation that For a full list of examples and paths, please see the documentation that
corresponds to the secrets engine in use. corresponds to the secrets engine in use.

12
command/write.go
View File

@@ -51,13 +51,15 @@ Usage: vault write [options] PATH [DATA K=V...]
it is loaded from a file. If the value is "-", Vault will read the value from it is loaded from a file. If the value is "-", Vault will read the value from
stdin. stdin.
Persist data in the generic secrets engine: Store an arbitrary secret in the token's cubbyhole.
$ vault write secret/my-secret foo=bar $ vault write cubbyhole/git-credentials username="student01" password="p@$$w0rd"
Create a new encryption key in the transit secrets engine: Create a new encryption key in the transit secrets engine:
$ vault write -f transit/keys/my-key $ vault write -force transit/keys/my-key
The -force / -f flag allows a write operation without any input data.
Upload an AWS IAM policy from a file on disk: Upload an AWS IAM policy from a file on disk:
@@ -67,6 +69,10 @@ Usage: vault write [options] PATH [DATA K=V...]
$ echo $MY_TOKEN | vault write consul/config/access token=- $ echo $MY_TOKEN | vault write consul/config/access token=-
Create a token
$ vault write auth/token/create policies="admin" policies="secops" ttl=8h num_uses=3
For a full list of examples and paths, please see the documentation that For a full list of examples and paths, please see the documentation that
corresponds to the secret engines in use. corresponds to the secret engines in use.