tldr/pages/common/vault.md

# vault

> A CLI to interact with HashiCorp Vault.

- Connect to a Vault server and initialize a new encrypted data store:

`vault init`

- Unseal or 'unlock' the vault by providing one of the key shares needed to access the encrypted data store:

`vault unseal {{key-share-x}}`

- Authenticate the CLI client against the Vault server using an authentication token:

`vault auth {{authentication-token}}`

- Store a new secret in the vault using the generic back-end, called 'secret':

`vault write secret/{{hello}} value={{world}}`

- Read a value from the vault using the generic back-end, called 'secret':

`vault read secret/{{hello}}`

- Seal or 'lock' the Vault server by removing the encryption key of the data store from memory:

`vault seal`
vault: add page 2017-09-07 09:42:31 +01:00			`# vault`

vault: Fix some review remarks 2017-09-07 17:50:18 +01:00			`> A CLI to interact with HashiCorp Vault.`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`- Connect to a Vault server and initialize a new encrypted data store:`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`vault init`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`- Unseal or 'unlock' the vault by providing one of the key shares needed to access the encrypted data store:`
vault: add page 2017-09-07 09:42:31 +01:00
			`vault unseal {{key-share-x}}`

vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`- Authenticate the CLI client against the Vault server using an authentication token:`
vault: add page 2017-09-07 09:42:31 +01:00
			`vault auth {{authentication-token}}`

vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`- Store a new secret in the vault using the generic back-end, called 'secret':`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Fix 'vault write' remarks Vault uses different back-ends (secret, auth, audit, ..), which are modeled as a kind of file system: - Remove 'secret' from the token - Include the 'secret' back-end to the 'vault write' description 2017-09-07 20:30:59 +01:00			`vault write secret/{{hello}} value={{world}}`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`- Read a value from the vault using the generic back-end, called 'secret':`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Fix 'vault write' remarks Vault uses different back-ends (secret, auth, audit, ..), which are modeled as a kind of file system: - Remove 'secret' from the token - Include the 'secret' back-end to the 'vault write' description 2017-09-07 20:30:59 +01:00			`vault read secret/{{hello}}`
vault: add page 2017-09-07 09:42:31 +01:00
vault: Simplify examples and prevent jargon - Simplified 'init' command, using the defaults - Provide synonym 'unlock' to explain the 'unsealing' process - Use 'key shares' instead of 'key-shares' or 'keyshares' - Briefly explain what 'sealing' means 2017-09-08 13:21:37 +01:00			`- Seal or 'lock' the Vault server by removing the encryption key of the data store from memory:`
vault: add page 2017-09-07 09:42:31 +01:00
			`vault seal`