# VaultUpdate A tool to safely update Vault. Existing data is stored in history (which means rollbacks are supported). Diffs are printed. Individual keys can be updated at once. # Installation Install it yourself: ``` $ gem install vault-update ``` # Usage First, ensure that the `VAULT_ADDR` and `VAULT_TOKEN` environment variables are set, then... The basic summary: ``` $ vault-update --help Safely update Vault secrets (with rollbacks and history!) Usage: vault-update [options] -p SECRET_PATH KEY VALUE Environment Variables: VAULT_ADDR (required) VAULT_TOKEN (required) Options: -r, --rollback Roll back to previous release -p, --path= Secret path to update -s, --history= Show the last N entries of history -l, --last Show the last value -h, --help Show this message ``` ## Write a string value to a key ``` $ vault-update -p secret/example mykey myvalue Applying changes to secret/example: -null +{ + "mykey": "myvalue" +} ``` ## Roll the secret back to its previous value ``` $ vault-update -p secret/example -r Writing to secret/example: {"mykey":"myvalue"} ``` ## Show the current contents of the secret ``` $ vault-update -p secret/example -c { "mykey": "myvalue" } ``` ## Show the previous value (but do not roll back) ``` $ vault-update -p secret/example -l { "mykey": "oldvalue" } ``` ## Show the last N history entries ``` $ vault-update -p secret/example -s 2 2016-10-26 17:14:56 -0400: { "mykey": "reallyoldvalue" } 2016-10-26 17:15:03 -0400: { "mykey": "oldvalue" } ``` # License The gem is available as open source under the terms of the Apache license.