luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/website/content/docs/commands/transit/index.mdx
Alexander Scheel 7182949029
Fix transit byok tool, add docs, tests (#19373) 
* Fix Vault Transit BYOK helper argument parsing

This commit fixes the following issues with the importer:

 - More than two arguments were not supported, causing the CLI to error
   out and resulting in a failure to import RSA keys.
 - The @file notation support was not accepted for KEY, meaning
   unencrypted keys had to be manually specified on the CLI.
 - Parsing of additional argument data was done in a non-standard way.
 - Fix parsing of command line options and ensure only relevant
   options are included.

Additionally, some error messages and help text was clarified.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing documentation on Transit CLI to website

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add tests for Transit BYOK vault subcommand

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Appease CI

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-27 18:25:38 +00:00

33 lines
933 B
Plaintext
Raw Blame History

---
layout: docs
page_title: transit - Command
description: |-
The "transit" command groups subcommands for interacting with Vault's Transit
secrets engine.
---
# transit
The `transit` command groups subcommands for interacting with Vault's
[Transit Secrets Engine](/vault/docs/secrets/transit).
## Syntax
Option flags for a given subcommand are provided after the subcommand, but before the arguments.
## Examples
To [import](/vault/docs/commands/transit/import) keys into a mount via the
[Transit BYOK](/vault/docs/secrets/transit#bring-your-own-key-byok)
mechanism, use the `vault transit import <path> <key>` or
`vault transit import-version <path> <key>` commands:
```
$ vault transit import transit/keys/test-key @test-key type=rsa-2048
Retrieving transit wrapping key.
Wrapping source key with ephemeral key.
Encrypting ephemeral key with transit wrapping key.
Submitting wrapped key to Vault transit.
Success!
```
Reference in a new issue View git blame Copy permalink