open-vault/website/source/api/system/rotate.html.md
RJ Spiker fca7cb3794 website: update sidebar_title in front matter to use <code> (#5636)
* website: replace deprecated <tt> with <code> in front matter sidebar_title

* website: wrap front matter sidebar_title in <code> for commands pages
2018-10-29 15:58:37 -04:00

1 KiB

layout page_title sidebar_title sidebar_current description
api /sys/rotate - HTTP API <code>/sys/rotate</code> api-http-system-rotate The `/sys/rotate` endpoint is used to rotate the encryption key.

/sys/rotate

The /sys/rotate endpoint is used to rotate the encryption key.

Rotate Encryption Key

This endpoint triggers a rotation of the backend encryption key. This is the key that is used to encrypt data written to the storage backend, and is not provided to operators. This operation is done online. Future values are encrypted with the new key, while old values are decrypted with previous encryption keys.

This path requires sudo capability in addition to update.

Method Path Produces
PUT /sys/rotate 204 (empty body)

Sample Request

$ curl \
    --header "X-Vault-Token: ..." \
    --request PUT \
    http://127.0.0.1:8200/v1/sys/rotate