a3dfde5cec
* conversion stage 1 * correct image paths * add sidebar title to frontmatter * docs/concepts and docs/internals * configuration docs and multi-level nav corrections * commands docs, index file corrections, small item nav correction * secrets converted * auth * add enterprise and agent docs * add extra dividers * secret section, wip * correct sidebar nav title in front matter for apu section, start working on api items * auth and backend, a couple directory structure fixes * remove old docs * intro side nav converted * reset sidebar styles, add hashi-global-styles * basic styling for nav sidebar * folder collapse functionality * patch up border length on last list item * wip restructure for content component * taking middleman hacking to the extreme, but its working * small css fix * add new mega nav * fix a small mistake from the rebase * fix a content resolution issue with middleman * title a couple missing docs pages * update deps, remove temporary markup * community page * footer to layout, community page css adjustments * wip downloads page * deps updated, downloads page ready * fix community page * homepage progress * add components, adjust spacing * docs and api landing pages * a bunch of fixes, add docs and api landing pages * update deps, add deploy scripts * add readme note * update deploy command * overview page, index title * Update doc fields Note this still requires the link fields to be populated -- this is solely related to copy on the description fields * Update api_basic_categories.yml Updated API category descriptions. Like the document descriptions you'll still need to update the link headers to the proper target pages. * Add bottom hero, adjust CSS, responsive friendly * Add mega nav title * homepage adjustments, asset boosts * small fixes * docs page styling fixes * meganav title * some category link corrections * Update API categories page updated to reflect the second level headings for api categories * Update docs_detailed_categories.yml Updated to represent the existing docs structure * Update docs_detailed_categories.yml * docs page data fix, extra operator page remove * api data fix * fix makefile * update deps, add product subnav to docs and api landing pages * Rearrange non-hands-on guides to _docs_ Since there is no place for these on learn.hashicorp, we'll put them under _docs_. * WIP Redirects for guides to docs * content and component updates * font weight hotfix, redirects * fix guides and intro sidenavs * fix some redirects * small style tweaks * Redirects to learn and internally to docs * Remove redirect to `/vault` * Remove `.html` from destination on redirects * fix incorrect index redirect * final touchups * address feedback from michell for makefile and product downloads
90 lines
3 KiB
Markdown
90 lines
3 KiB
Markdown
---
|
|
layout: "docs"
|
|
page_title: "secrets enable - Command"
|
|
sidebar_title: "enable"
|
|
sidebar_current: "docs-commands-secrets-enable"
|
|
description: |-
|
|
The "secrets enable" command enables an secrets engine at a given path. If an
|
|
secrets engine already exists at the given path, an error is returned. After
|
|
the secrets engine is enabled, it usually needs configuration. The
|
|
configuration varies by secrets engine.
|
|
---
|
|
|
|
# secrets enable
|
|
|
|
The `secrets enable` command enables an secrets engine at a given path. If an
|
|
secrets engine already exists at the given path, an error is returned. After the
|
|
secrets engine is enabled, it usually needs configuration. The configuration
|
|
varies by secrets engine.
|
|
|
|
By default, secrets engines are enabled at the path corresponding to their TYPE,
|
|
but users can customize the path using the `-path` option.
|
|
|
|
Some secrets engines persist data, some act as data pass-through, and some
|
|
generate dynamic credentials. The secrets engine will likely require
|
|
configuration after it is mounted. For details on the specific configuration
|
|
options, please see the [secrets engine
|
|
documentation](/docs/secrets/index.html).
|
|
|
|
|
|
## Examples
|
|
|
|
Enable the AWS secrets engine at "aws/":
|
|
|
|
```text
|
|
$ vault secrets enable aws
|
|
Success! Enabled the aws secrets engine at: aws/
|
|
```
|
|
|
|
Enable the SSH secrets engine at ssh-prod/:
|
|
|
|
```text
|
|
$ vault secrets enable -path=ssh-prod ssh
|
|
```
|
|
|
|
Enable the database secrets engine with an explicit maximum TTL of 30m:
|
|
|
|
```text
|
|
$ vault secrets enable -max-lease-ttl=30m database
|
|
```
|
|
|
|
Enable a custom plugin (after it is registered in the plugin registry):
|
|
|
|
```text
|
|
$ vault secrets enable -path=my-secrets -plugin-name=my-plugin plugin
|
|
```
|
|
|
|
For more information on the specific configuration options and paths, please see
|
|
the [secrets engine](/docs/secrets/index.html) documentation.
|
|
|
|
## Usage
|
|
|
|
The following flags are available in addition to the [standard set of
|
|
flags](/docs/commands/index.html) included on all commands.
|
|
|
|
- `-default-lease-ttl` `(duration: "")` - The default lease TTL for this secrets
|
|
engine. If unspecified, this defaults to the Vault server's globally
|
|
configured default lease TTL.
|
|
|
|
- `-description` `(string: "")` - Human-friendly description for the purpose of
|
|
this engine.
|
|
|
|
- `-force-no-cache` `(bool: false)` - Force the secrets engine to disable
|
|
caching. If unspecified, this defaults to the Vault server's globally
|
|
configured cache settings. This does not affect caching of the underlying
|
|
encrypted data storage.
|
|
|
|
- `-local` `(bool: false)` - Mark the secrets engine as local-only. Local
|
|
engines are not replicated or removed by replication.
|
|
|
|
- `-max-lease-ttl` `(duration: "")` The maximum lease TTL for this secrets
|
|
engine. If unspecified, this defaults to the Vault server's globally
|
|
configured maximum lease TTL.
|
|
|
|
- `-path` `(string: "")` Place where the secrets engine will be accessible. This
|
|
must be unique cross all secrets engines. This defaults to the "type" of the
|
|
secrets engine.
|
|
|
|
- `-plugin-name` `(string: "")` - Name of the secrets engine plugin. This plugin
|
|
name must already exist in Vault's plugin catalog.
|