This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method
1.5 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
docs | unwrap - Command | docs-commands-unwrap | The "unwrap" command unwraps a wrapped secret from Vault by the given token. The result is the same as the "vault read" operation on the non-wrapped secret. If no token is given, the data in the currently authenticated token is unwrapped. |
unwrap
The unwrap
command unwraps a wrapped secret from Vault by the given token. The
result is the same as the "vault read" operation on the non-wrapped secret. If
no token is given, the data in the currently authenticated token is unwrapped.
Examples
Unwrap the data in the cubbyhole secrets engine for a token:
$ vault unwrap 3de9ece1-b347-e143-29b0-dc2dc31caafd
Unwrap the data in the active token:
$ vault login 848f9ccf-7176-098c-5e2b-75a0689d41cd
$ vault unwrap # unwraps 848f9ccf...
Usage
The following flags are available in addition to the standard set of flags included on all commands.
Output Options
-
-field
(string: "")
- Print only the field with the given name. Specifying this option will take precedence over other formatting directives. The result will not have a trailing newline making it idea for piping to other processes. -
-format
(string: "table")
- Print the output in the given format. Valid formats are "table", "json", or "yaml". This can also be specified via theVAULT_FORMAT
environment variable.