open-vault/website/content/api-docs/system/raw.mdx

145 lines
3.4 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: api
page_title: /sys/raw - HTTP API
description: The `/sys/raw` endpoint is used to access the raw underlying store in Vault.
---
# `/sys/raw`
The `/sys/raw` endpoint is used to access the raw underlying store in Vault.
This endpoint is off by default. See the
[Vault configuration documentation](/docs/configuration) to
enable.
## Read Raw
This endpoint reads the value of the key at the given path. This is the raw path
in the storage backend and not the logical path that is exposed via the mount
system.
| Method | Path |
| :----- | :--------------- |
| `GET` | `/sys/raw/:path` |
### Parameters
- `path` `(string: <required>)`  Specifies the raw path in the storage backend.
This is specified as part of the URL.
- `compressed` `(bool: true)` - Attempt to decompress the value.
- `encoding` `(string: "")` - Specifies the encoding of the returned data. Defaults to no encoding.
"base64" returns the value encoded in base64.
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
http://127.0.0.1:8200/v1/sys/raw/secret/foo
```
### Sample Response
```json
{
"value": "{'foo':'bar'}"
}
```
## Create/Update Raw
This endpoint updates the value of the key at the given path. This is the raw
path in the storage backend and not the logical path that is exposed via the
mount system.
| Method | Path |
| :----- | :--------------- |
| `PUT` | `/sys/raw/:path` |
### Parameters
- `path` `(string: <required>)`  Specifies the raw path in the storage backend.
This is specified as part of the URL.
- `value` `(string: <required>)` Specifies the value of the key.
- `compression_type` `(string: "")` - Create/update using the compressed form of `value`. Supported `compression_type`
values are `gzip`, `lzw`, `lz4`, `snappy`, or `""`. `""` means no compression is used. If omitted and key already exists,
update uses the same compression (or no compression) as the existing value.
- `encoding` `(string: "")` - Specifies the encoding of `value`. Defaults to no encoding.
Use "base64" if `value` is encoded in base64.
### Sample Payload
```json
{
"value": "{\"foo\": \"bar\"}"
}
```
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request PUT \
--data @payload.json \
http://127.0.0.1:8200/v1/sys/raw/secret/foo
```
## List Raw
This endpoint returns a list keys for a given path prefix.
**This endpoint requires 'sudo' capability.**
| Method | Path |
| :----- | :--------------------------- |
| `LIST` | `/sys/raw/:prefix` |
| `GET` | `/sys/raw/:prefix?list=true` |
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request LIST \
http://127.0.0.1:8200/v1/sys/raw/logical
```
### Sample Response
```json
{
"data": {
"keys": ["abcd-1234...", "efgh-1234...", "ijkl-1234..."]
}
}
```
## Delete Raw
This endpoint deletes the key with given path. This is the raw path in the
storage backend and not the logical path that is exposed via the mount system.
| Method | Path |
| :------- | :--------------- |
| `DELETE` | `/sys/raw/:path` |
### Parameters
- `path` `(string: <required>)`  Specifies the raw path in the storage backend.
This is specified as part of the URL.
### Sample Request
```shell-session
$ curl \
--header "X-Vault-Token: ..." \
--request DELETE \
http://127.0.0.1:8200/v1/sys/raw/secret/foo
```