From 82427e355f57d69dedabb247f844e72d23678beb Mon Sep 17 00:00:00 2001 From: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com> Date: Wed, 10 May 2023 18:21:26 -0400 Subject: [PATCH] Add requested generated secret example (#20556) * Add requested generated secret example * Fix code block types * Update website/content/docs/secrets/kv/kv-v1.mdx Co-authored-by: Yoko Hyakuna * Update website/content/docs/secrets/kv/kv-v2.mdx Co-authored-by: Yoko Hyakuna --------- Co-authored-by: Yoko Hyakuna --- website/content/docs/secrets/kv/kv-v1.mdx | 51 +++++++++-- website/content/docs/secrets/kv/kv-v2.mdx | 101 +++++++++++++++++++--- 2 files changed, 133 insertions(+), 19 deletions(-) diff --git a/website/content/docs/secrets/kv/kv-v1.mdx b/website/content/docs/secrets/kv/kv-v1.mdx index e7e456b44..ba010881f 100644 --- a/website/content/docs/secrets/kv/kv-v1.mdx +++ b/website/content/docs/secrets/kv/kv-v1.mdx @@ -28,8 +28,8 @@ secret's path. To enable a version 1 kv store: -``` -vault secrets enable -version=1 kv +```shell-session +$ vault secrets enable -version=1 kv ``` ## Usage @@ -40,14 +40,14 @@ allows for writing keys with arbitrary values. 1. Write arbitrary data: - ```text + ```shell-session $ vault kv put kv/my-secret my-value=s3cr3t Success! Data written to: kv/my-secret ``` 1. Read arbitrary data: - ```text + ```shell-session $ vault kv get kv/my-secret Key Value --- ----- @@ -56,7 +56,7 @@ allows for writing keys with arbitrary values. 1. List the keys: - ```text + ```shell-session $ vault kv list kv/ Keys ---- @@ -65,11 +65,50 @@ allows for writing keys with arbitrary values. 1. Delete a key: - ``` + ```shell-session $ vault kv delete kv/my-secret Success! Data deleted (if it existed) at: kv/my-secret ``` +You can also use [Vault's password policy](/vault/docs/concepts/password-policies) feature to generate arbitrary values. + +1. Write a password policy: + + ```shell-session + $ vault write sys/policies/password/example policy=-< + + ```plaintext + ========= Secret Path ========= + secret/data/my-generated-secret + + ======= Metadata ======= + Key Value + --- ----- + created_time 2023-05-10T14:32:32.37354939Z + custom_metadata + deletion_time n/a + destroyed false + version 1 + ``` + + + +1. Read the generated data: + + ```shell-session + $ vault kv get -mount=secret my-generated-secret + ========= Secret Path ========= + secret/data/my-generated-secret + + ======= Metadata ======= + Key Value + --- ----- + created_time 2023-05-10T14:32:32.37354939Z + custom_metadata + deletion_time n/a + destroyed false + version 1 + + ====== Data ====== + Key Value + --- ----- + password !hh&be1e4j16dVc0ggae + ``` + ### Deleting and Destroying Data When deleting data the standard `vault kv delete` command will perform a @@ -517,7 +590,9 @@ See the commands below for more information: ```shell-session $ vault kv metadata patch -mount=secret -custom-metadata=foo=def my-secret Success! Data written to: secret/metadata/my-secret + ``` + ```shell-session $ vault kv get -mount=secret my-secret ====== Metadata ====== Key Value