kv
kv 命令包含一组与 Vault 的 Key/Value 机密引擎交互的子命令(同时包含 Version 1 以及 Version 2):
例子
在 secret 路径上启用的 K/V Version 2 引擎上创建或更新键为 "creds" 的记录,值为 "passcode=my-long-passcode":
$ vault kv put secret/creds passcode=my-long-passcode
Key Value
--- -----
created_time 2019-06-28T15:53:30.395814Z
deletion_time n/a
destroyed false
version 1
读取该值:
$ vault kv get secret/creds
====== Metadata ======
Key Value
--- -----
created_time 2019-06-28T15:53:30.395814Z
deletion_time n/a
destroyed false
version 1
====== Data ======
Key Value
--- -----
passcode my-long-passcode
读取键 "creds" 的元数据:
$ vault kv metadata get secret/creds
========== Metadata ==========
Key Value
--- -----
cas_required false
created_time 2019-06-28T15:53:30.395814Z
current_version 1
delete_version_after 0s
max_versions 0
oldest_version 0
updated_time 2019-06-28T15:53:30.395814Z
====== Version 1 ======
Key Value
--- -----
created_time 2019-06-28T15:53:30.395814Z
deletion_time n/a
destroyed false
读取键 "creds" 的指定版本:
$ vault kv get -version=1 secret/creds
====== Metadata ======
Key Value
--- -----
created_time 2019-06-28T15:53:30.395814Z
deletion_time n/a
destroyed false
version 1
====== Data ======
Key Value
--- -----
passcode my-long-passcode
可用子命令
Usage: vault kv <subcommand> [options] [args]
# ...
Subcommands:
delete Deletes versions in the KV store
destroy Permanently removes one or more versions in the KV store
enable-versioning Turns on versioning for a KV store
get Retrieves data from the KV store
list List data or secrets
metadata Interact with Vault's Key-Value storage
patch Sets or updates data in the KV store without overwriting
put Sets or updates data in the KV store
rollback Rolls back to a previous version of data
undelete Undeletes versions in the KV store
每种子命令的详细使用方法,请阅读对应的章节。