This API allows you to conveniently store, access and share sensitive data.
- Secret management commands
- Secret Version management commands
- Access a SecretVersion, returning the sensitive data
- Create a SecretVersion
- Destroy a SecretVersion, permanently destroying the sensitive data
- Disable a SecretVersion
- Enable a SecretVersion
- Get metadata of a SecretVersion
- List versions of a secret, not returning any sensitive data
- Update metadata of a SecretVersion
Logical container made up of zero or more immutable versions, that hold the sensitive data.
Create a Secret containing no versions.
Usage:
scw secret secret create [arg=value ...]
Args:
Name | Description | |
---|---|---|
project-id | Project ID to use. If none is passed the default project ID will be used | |
name | Name of the Secret | |
tags.{index} | List of tags associated to this Secret | |
description | Description of the Secret | |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Examples:
Add a given secret
scw secret secret create name=foobar description="$(cat <path/to/your/secret>)"
Delete a secret.
Usage:
scw secret secret delete [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Examples:
Delete a given secret
scw secret secret delete secret-id=11111111-1111-1111-1111-111111111111
Get metadata of a Secret.
Usage:
scw secret secret get [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
List Secrets.
Usage:
scw secret secret list [arg=value ...]
Args:
Name | Description | |
---|---|---|
project-id | ID of a project to filter on (optional) | |
name | Secret name to filter on (optional) | |
tags.{index} | List of tags to filter on (optional) | |
order-by | One of: name_asc , name_desc , created_at_asc , created_at_desc , updated_at_asc , updated_at_desc |
|
organization-id | ID of an organization to filter on (optional) | |
region | Default: fr-par One of: fr-par , all |
Region to target. If none is passed will use default region from the config |
Update metadata of a Secret.
Usage:
scw secret secret update [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
name | New name of the Secret (optional) | |
tags.{index} | New list of tags associated to this Secret (optional) | |
description | Description of the Secret | |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Immutable version of a secret.
Access a SecretVersion, returning the sensitive data.
Usage:
scw secret version access [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
revision | Required | Revision of the SecretVersion (may be a number or "latest") |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Create a SecretVersion.
Usage:
scw secret version create [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
data | Required | Content of the secret version. Base64 is handled by the SDK |
description | Description of the SecretVersion | |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Destroy a SecretVersion, permanently destroying the sensitive data.
Usage:
scw secret version delete [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
revision | Required | Revision of the SecretVersion (may be a number or "latest") |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Examples:
Delete a given Secret Version
scw secret version delete secret-id=11111111-1111-1111-1111-111111111111 revision=1
Disable a SecretVersion.
Usage:
scw secret version disable [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
revision | Required | Revision of the SecretVersion (may be a number or "latest") |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Enable a SecretVersion.
Usage:
scw secret version enable [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
revision | Required | Revision of the SecretVersion (may be a number or "latest") |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
Get metadata of a SecretVersion.
Usage:
scw secret version get [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
revision | Required | Revision of the SecretVersion (may be a number or "latest") |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |
List versions of a secret, not returning any sensitive data.
Usage:
scw secret version list [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
status.{index} | One of: unknown , enabled , disabled , destroyed |
Filter results by status |
region | Default: fr-par One of: fr-par , all |
Region to target. If none is passed will use default region from the config |
Update metadata of a SecretVersion.
Usage:
scw secret version update [arg=value ...]
Args:
Name | Description | |
---|---|---|
secret-id | Required | ID of the Secret |
revision | Required | Revision of the SecretVersion (may be a number or "latest") |
description | Description of the SecretVersion | |
region | Default: fr-par One of: fr-par |
Region to target. If none is passed will use default region from the config |