英文:
unable to get specific version of key-value from Hashicorp Vault
问题
我参考了上面的HashiCorp文档,以从Vault中读取特定版本的键值。
步骤 3:检索特定版本的秘密
curl --header "X-Vault-Token: $VAULT_TOKEN" \
$VAULT_ADDR/v1/secret/data/customer/acme\?version=1 | jq -r ".data"
在我的情况下,翻译为:
C:\Users\meuser>curl --header "X-Vault-Token: s.r8JA4TzlDd8Ps8GtCnmolSHJ" -H "X-Vault-Namespace: vault-poc/" https://eng-mybank.com/v1/kv/data/tool-common/dev\?version=1 | jq -r ".data"
输出:
> % Total % Received % Xferd Average Speed Time Time Time
> Current
>
> Dload Upload Total Spent Left Speed
>
> 100 14 100 14 0 0 10 0 0:00:01 0:00:01
> --:--:-- 10
>
> null
正如您所见,我得到了null而不是返回版本1的键值。
有4个版本的键值存在,从下面的UI快照也可以看出:
如果我简单地删除/?version=4,我会得到最新版本4的键值对,如下所示。
C:\Users\meuser>curl --header "X-Vault-Token: s.r8JA4TzlDd8Ps8GtCnmolSHJ" -H "X-Vault-Namespace: vault-poc/" https://eng-mybank.com/v1/kv/data/tool-common/dev | jq -r ".data"
输出:
> % Total % Received % Xferd Average Speed Time Time Time
> Current
>
> Dload Upload Total Spent Left Speed
>
> 100 358 100 358 0 0 246 0 0:00:01 0:00:01
> --:--:-- 247
>
> {
>
> "data": {
>
> "mykey1": "myvalue1",
>
> "mykey2": "myvalue2",
>
> "mykey3": "myvalue3",
>
> "mykey4": "myvalue4"
>
> },
>
> "metadata": {
>
> "created_time": "2023-06-06T18:21:49.815786014Z",
>
> "deletion_time": "",
>
> "destroyed": false,
>
> "version": 4
>
> }
>
> }
请问如何获取特定版本的键值?我还希望显示所有版本的键值,如果可能的话,请提供建议。
英文:
https://developer.hashicorp.com/vault/tutorials/secrets-management/versioned-kv
I'm referring to hashicorp documentation above to read a specific version of key-value from the vault.
Step 3: Retrieve a specific version of the secret
curl --header "X-Vault-Token: $VAULT_TOKEN" \
$VAULT_ADDR/v1/secret/data/customer/acme\?version=1 | jq -r ".data"
which in my case translates to:
C:\Users\meuser>curl --header "X-Vault-Token: s.r8JA4TzlDd8Ps8GtCnmolSHJ" -H "X-Vault-Namespace: vault-poc/" https://eng-mybank.com/v1/kv/data/tool-common/dev\?version=1 | jq -r ".data"
Output:
> % Total % Received % Xferd Average Speed Time Time Time
> Current
>
> Dload Upload Total Spent Left Speed
>
> 100 14 100 14 0 0 10 0 0:00:01 0:00:01
> --:--:-- 10
>
> null
As you can see instead of returning version 1 of the key-value I get null
The 4 versions of key-value exist and is also evident from the UI snapshot below:
If I simply remove /?version=4 I get the latest version 4 key-value pair as below.
C:\Users\meuser>curl --header "X-Vault-Token: s.r8JA4TzlDd8Ps8GtCnmolSHJ" -H "X-Vault-Namespace: vault-poc/" https://eng-mybank.com/v1/kv/data/tool-common/dev | jq -r ".data"
> % Total % Received % Xferd Average Speed Time Time Time
> Current
>
> Dload Upload Total Spent Left Speed
>
> 100 358 100 358 0 0 246 0 0:00:01 0:00:01
> --:--:-- 247
>
> {
>
> "data": {
>
> "mykey1": "myvalue1",
>
> "mykey2": "myvalue2",
>
> "mykey3": "myvalue3",
>
> "mykey4": "myvalue4"
>
> },
>
> "metadata": {
>
> "created_time": "2023-06-06T18:21:49.815786014Z",
>
> "deletion_time": "",
>
> "destroyed": false,
>
> "version": 4
>
> }
>
> }
Can you please suggest how can I get a specific version of key-value?
I would also like all the versions of the key-values to be displayed. If it is possible please suggest how?
答案1
得分: 1
API端点应更新,以不包括指定版本?version=1的转义字符\:
C:\Users\meuser>curl --header "X-Vault-Token: s.r8JA4TzlDd8Ps8GtCnmolSHJ" -H "X-Vault-Namespace: vault-poc/" https://eng-mybank.com/v1/kv/data/tool-common/dev?version=1 | jq -r ".data"
这应该会获取Vault API的响应,获取指定秘密版本的数据。
英文:
The API endpoint should be updated to not include the escape character \ for the specified version ?version=1:
C:\Users\meuser>curl --header "X-Vault-Token: s.r8JA4TzlDd8Ps8GtCnmolSHJ" -H "X-Vault-Namespace: vault-poc/" https://eng-mybank.com/v1/kv/data/tool-common/dev?version=1 | jq -r ".data"
That should GET the response from the Vault API for the specified secret version.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论