luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/website/content/docs/commands/kv/patch.mdx
Chris Capurso 9c8fe62818
add patch section to kv-v2 api and CLI docs (#12689) 
* add data patch section to kv-v2 api docs

* fix trucated output for kv put command with cas cmd in kv-v2 docs

* wip vault kv patch CLI docs

* add new flags to 'vault kv patch' CLI command docs

* fix cas_required formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* fix cas formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* additional format fixes

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-22 15:31:03 -04:00

82 lines
2.7 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: kv patch - Command
description: |-
The "kv patch" command writes the data to the given path in the key-value
store. The data can be of any type.
---
# kv patch
~> **NOTE:** This is a [K/V Version 2](/docs/secrets/kv/kv-v2) secrets
engine command, and not available for Version 1.
The `kv patch` command writes the data to the given path in the K/V v2 secrets
engine. The data can be of any type. Unlike the `kv put` command, the `patch`
command combines the change with existing data instead of replacing them.
Therefore, this command makes it easy to make a partial updates to an existing
data.
## Examples
If you wish to add an additional key-value (`ttl=48h`) to the existing data at
the key "creds":
```shell-session
$ vault kv patch secret/creds ttl=48h
Key Value
--- -----
created_time 2019-06-06T16:46:22.090654Z
deletion_time n/a
destroyed false
version 6
```
**NOTE:** The `kv put` command requires both the existing data and
the data you wish to add in order to accomplish the same result.
```shell-session
$ vault kv put secret/creds ttl=48h passcode=my-long-passcode
```
The data can also be consumed from a file on disk by prefixing with the "@"
symbol. For example:
```shell-session
$ vault kv patch secret/creds @data.json
```
Or it can be read from stdin using the "-" symbol:
```shell-session
$ echo "abcd1234" | vault kv patch secret/foo bar=-
```
## Usage
### Output Options
- `-field` `(string: "")` - Print only the field with the given name. Specifying
this option will take precedence over other formatting directives. The result
will not have a trailing newline making it ideal for piping to other
processes.
- `-format` `(string: "table")` - Print the output in the given format. Valid
formats are "table", "json", or "yaml". This can also be specified via the
`VAULT_FORMAT` environment variable.
### Command Options
- `-method` `(string: "patch")` - Specifies the patch method to use. Valid
methods are `patch` and `rw`. The `patch` method uses an HTTP `PATCH` request
to apply the partial update. The `rw` method will fetch the secret's data,
perform an in-memory update, and write the updated data.
- `-cas` `(int: 0)` - Specifies the value to use for the Check-And-Set operation.
This flag will only be used for the `patch` method. This flag is required if
`cas_required` is set to `true` on either the secret or the engine's config.
In order for a `patch` to be successful, `-cas` must be set to the current
version of the secret. This flag will be ignored for the `rw` method.
Instead, its value will be derived from fetching the current version of the
secret.
Reference in a new issue View git blame Copy permalink