Document `vault write` JSON request parameters (#14087)

As mentioned by Steve Clark. :-) Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-17 09:07:41 -06:00 · 2022-02-17 09:07:41 -06:00 · 7278479856
parent 1cf74e1179
commit 7278479856
1 changed files with 10 additions and 3 deletions
--- a/website/content/docs/commands/write.mdx
+++ b/website/content/docs/commands/write.mdx
@ -13,9 +13,16 @@ The `write` command writes data to Vault at the given path. The data can be
 credentials, secrets, configuration, or arbitrary data. The specific behavior of
 this command is determined at the thing mounted at the path.

-Data is specified as "key=value" pairs. If the value begins with an "@", then it
-is loaded from a file. If the value is "-", Vault will read the value from
-stdin.
+Data is specified as "key=value" pairs on the command line. If the value begins
+with an "@", then it is loaded from a file. If the value for a key is "-", Vault
+will read the value from stdin rather than the command line.
+
+Some API fields require more advanced structures such as maps. These cannot
+directly be represented on the command line. However, direct control of the
+request parameters can be achieved by using `-` as the only data argument.
+This causes `vault write` to read a JSON blob containing all request parameters
+from stdin. This argument will be ignored if used in conjunction with any
+"key=value" pairs.

 For a full list of examples and paths, please see the documentation that
 corresponds to the secrets engines in use.