Vault - mwicat/personal GitHub Wiki

Install

sudo pip3 install hvac

KV engine

get

vault kv get -field=data /certs/digicert

put

vault kv put /certs/digicert [email protected]

update

import hvac


client = hvac.Client()

path = '/my/path'

secret_version_response = client.secrets.kv.v2.read_secret_version(
    mount_point='kv', path=path)

data_dict = secret_version_response['data']['data']
data_dict['test'] = 'test'

client.secrets.kv.v2.create_or_update_secret(
    mount_point='kv', path=path, secret=data_dict)

Secrets engine

vault read -format json /secret/mysecret

Secrets to KV

vault kv put -format json /kv/mysecret @<(vault read -format json /secret/mysecret | jq .data)