Search

Chapter 68. secret

download PDF

This chapter describes the commands under the secret command.

68.1. secret container create

Store a container in Barbican.

Usage:

openstack secret container create [-h]
                                         [-f {json,shell,table,value,yaml}]
                                         [-c COLUMN] [--noindent]
                                         [--prefix PREFIX]
                                         [--max-width <integer>] [--fit-width]
                                         [--print-empty] [--name NAME]
                                         [--type TYPE] [--secret SECRET]

Table 68.1. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--name NAME, -n NAME

A human-friendly name.

--type TYPE

Type of container to create (default: generic).

--secret SECRET, -s SECRET

One secret to store in a container (can be set multiple times). Example: --secret "private_key=https://url.test/v1/secrets/1-2-3-4"

Table 68.2. Output formatter options
ValueSummary

-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 68.3. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.4. Shell formatter options
ValueSummary

--prefix PREFIX

Add a prefix to all variable names

Table 68.5. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.2. secret container delete

Delete a container by providing its href.

Usage:

openstack secret container delete [-h] URI

Table 68.6. Positional arguments
ValueSummary

URI

The uri reference for the container

Table 68.7. Command arguments
ValueSummary

-h, --help

Show this help message and exit

68.3. secret container get

Retrieve a container by providing its URI.

Usage:

openstack secret container get [-h] [-f {json,shell,table,value,yaml}]
                                      [-c COLUMN] [--noindent]
                                      [--prefix PREFIX]
                                      [--max-width <integer>] [--fit-width]
                                      [--print-empty]
                                      URI

Table 68.8. Positional arguments
ValueSummary

URI

The uri reference for the container.

Table 68.9. Command arguments
ValueSummary

-h, --help

Show this help message and exit

Table 68.10. Output formatter options
ValueSummary

-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 68.11. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.12. Shell formatter options
ValueSummary

--prefix PREFIX

Add a prefix to all variable names

Table 68.13. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.4. secret container list

List containers.

Usage:

openstack secret container list [-h] [-f {csv,json,table,value,yaml}]
                                       [-c COLUMN]
                                       [--quote {all,minimal,none,nonnumeric}]
                                       [--noindent] [--max-width <integer>]
                                       [--fit-width] [--print-empty]
                                       [--sort-column SORT_COLUMN]
                                       [--limit LIMIT] [--offset OFFSET]
                                       [--name NAME] [--type TYPE]

Table 68.14. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--limit LIMIT, -l LIMIT

Specify the limit to the number of items to list per page (default: 10; maximum: 100)

--offset OFFSET, -o OFFSET

Specify the page offset (default: 0)

--name NAME, -n NAME

Specify the container name (default: none)

--type TYPE, -t TYPE

Specify the type filter for the list (default: none).

Table 68.15. Output formatter options
ValueSummary

-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

Table 68.16. CSV formatter options
ValueSummary

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

Table 68.17. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.18. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.5. secret delete

Delete a secret by providing its URI.

Usage:

openstack secret delete [-h] URI

Table 68.19. Positional arguments
ValueSummary

URI

The uri reference for the secret

Table 68.20. Command arguments
ValueSummary

-h, --help

Show this help message and exit

68.6. secret get

Retrieve a secret by providing its URI.

Usage:

openstack secret get [-h] [-f {json,shell,table,value,yaml}]
                            [-c COLUMN] [--noindent] [--prefix PREFIX]
                            [--max-width <integer>] [--fit-width]
                            [--print-empty]
                            [--decrypt | --payload | --file <filename>]
                            [--payload_content_type PAYLOAD_CONTENT_TYPE]
                            URI

Table 68.21. Positional arguments
ValueSummary

URI

The uri reference for the secret.

Table 68.22. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--decrypt, -d

If specified, retrieve the unencrypted secret data.

--payload, -p

If specified, retrieve the unencrypted secret data.

--file <filename>, -F <filename>

If specified, save the payload to a new file with the given filename.

--payload_content_type PAYLOAD_CONTENT_TYPE, -t PAYLOAD_CONTENT_TYPE

The content type of the decrypted secret (default: text/plain).

Table 68.23. Output formatter options
ValueSummary

-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 68.24. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.25. Shell formatter options
ValueSummary

--prefix PREFIX

Add a prefix to all variable names

Table 68.26. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.7. secret list

List secrets.

Usage:

openstack secret list [-h] [-f {csv,json,table,value,yaml}] [-c COLUMN]
                             [--quote {all,minimal,none,nonnumeric}]
                             [--noindent] [--max-width <integer>]
                             [--fit-width] [--print-empty]
                             [--sort-column SORT_COLUMN] [--limit LIMIT]
                             [--offset OFFSET] [--name NAME]
                             [--algorithm ALGORITHM] [--bit-length BIT_LENGTH]
                             [--mode MODE] [--secret-type SECRET_TYPE]

Table 68.27. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--limit LIMIT, -l LIMIT

Specify the limit to the number of items to list per page (default: 10; maximum: 100)

--offset OFFSET, -o OFFSET

Specify the page offset (default: 0)

--name NAME, -n NAME

Specify the secret name (default: none)

--algorithm ALGORITHM, -a ALGORITHM

The algorithm filter for the list(default: none).

--bit-length BIT_LENGTH, -b BIT_LENGTH

The bit length filter for the list (default: 0).

--mode MODE, -m MODE

The algorithm mode filter for the list (default: None).

--secret-type SECRET_TYPE, -s SECRET_TYPE

Specify the secret type (default: none).

Table 68.28. Output formatter options
ValueSummary

-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

Table 68.29. CSV formatter options
ValueSummary

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

Table 68.30. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.31. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.8. secret order create

Create a new order.

Usage:

openstack secret order create [-h] [-f {json,shell,table,value,yaml}]
                                     [-c COLUMN] [--noindent]
                                     [--prefix PREFIX] [--max-width <integer>]
                                     [--fit-width] [--print-empty]
                                     [--name NAME] [--algorithm ALGORITHM]
                                     [--bit-length BIT_LENGTH] [--mode MODE]
                                     [--payload-content-type PAYLOAD_CONTENT_TYPE]
                                     [--expiration EXPIRATION]
                                     [--request-type REQUEST_TYPE]
                                     [--subject-dn SUBJECT_DN]
                                     [--source-container-ref SOURCE_CONTAINER_REF]
                                     [--ca-id CA_ID] [--profile PROFILE]
                                     [--request-file REQUEST_FILE]
                                     type

Table 68.32. Positional arguments
ValueSummary

type

The type of the order (key, asymmetric, certificate) to create.

Table 68.33. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--name NAME, -n NAME

A human-friendly name.

--algorithm ALGORITHM, -a ALGORITHM

The algorithm to be used with the requested key (default: aes).

--bit-length BIT_LENGTH, -b BIT_LENGTH

The bit length of the requested secret key (default: 256).

--mode MODE, -m MODE

The algorithm mode to be used with the requested key (default: cbc).

--payload-content-type PAYLOAD_CONTENT_TYPE, -t PAYLOAD_CONTENT_TYPE

The type/format of the secret to be generated (default: application/octet-stream).

--expiration EXPIRATION, -x EXPIRATION

The expiration time for the secret in iso 8601 format.

--request-type REQUEST_TYPE

The type of the certificate request.

--subject-dn SUBJECT_DN

The subject of the certificate.

--source-container-ref SOURCE_CONTAINER_REF

The source of the certificate when using stored-key requests.

--ca-id CA_ID

The identifier of the ca to use for the certificate request.

--profile PROFILE

The profile of certificate to use.

--request-file REQUEST_FILE

The file containing the csr.

Table 68.34. Output formatter options
ValueSummary

-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 68.35. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.36. Shell formatter options
ValueSummary

--prefix PREFIX

Add a prefix to all variable names

Table 68.37. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.9. secret order delete

Delete an order by providing its href.

Usage:

openstack secret order delete [-h] URI

Table 68.38. Positional arguments
ValueSummary

URI

The uri reference for the order

Table 68.39. Command arguments
ValueSummary

-h, --help

Show this help message and exit

68.10. secret order get

Retrieve an order by providing its URI.

Usage:

openstack secret order get [-h] [-f {json,shell,table,value,yaml}]
                                  [-c COLUMN] [--noindent] [--prefix PREFIX]
                                  [--max-width <integer>] [--fit-width]
                                  [--print-empty]
                                  URI

Table 68.40. Positional arguments
ValueSummary

URI

The uri reference order.

Table 68.41. Command arguments
ValueSummary

-h, --help

Show this help message and exit

Table 68.42. Output formatter options
ValueSummary

-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 68.43. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.44. Shell formatter options
ValueSummary

--prefix PREFIX

Add a prefix to all variable names

Table 68.45. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.11. secret order list

List orders.

Usage:

openstack secret order list [-h] [-f {csv,json,table,value,yaml}]
                                   [-c COLUMN]
                                   [--quote {all,minimal,none,nonnumeric}]
                                   [--noindent] [--max-width <integer>]
                                   [--fit-width] [--print-empty]
                                   [--sort-column SORT_COLUMN] [--limit LIMIT]
                                   [--offset OFFSET]

Table 68.46. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--limit LIMIT, -l LIMIT

Specify the limit to the number of items to list per page (default: 10; maximum: 100)

--offset OFFSET, -o OFFSET

Specify the page offset (default: 0)

Table 68.47. Output formatter options
ValueSummary

-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

Table 68.48. CSV formatter options
ValueSummary

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

Table 68.49. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.50. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.12. secret store

Store a secret in Barbican.

Usage:

openstack secret store [-h] [-f {json,shell,table,value,yaml}]
                              [-c COLUMN] [--noindent] [--prefix PREFIX]
                              [--max-width <integer>] [--fit-width]
                              [--print-empty] [--name NAME]
                              [--secret-type SECRET_TYPE]
                              [--payload-content-type PAYLOAD_CONTENT_TYPE]
                              [--payload-content-encoding PAYLOAD_CONTENT_ENCODING]
                              [--algorithm ALGORITHM]
                              [--bit-length BIT_LENGTH] [--mode MODE]
                              [--expiration EXPIRATION]
                              [--payload PAYLOAD | --file <filename>]

Table 68.51. Command arguments
ValueSummary

-h, --help

Show this help message and exit

--name NAME, -n NAME

A human-friendly name.

--secret-type SECRET_TYPE, -s SECRET_TYPE

The secret type; must be one of symmetric, public, private, certificate, passphrase, opaque (default)

--payload-content-type PAYLOAD_CONTENT_TYPE, -t PAYLOAD_CONTENT_TYPE

The type/format of the provided secret data; "text/plain" is assumed to be UTF-8; required when --payload is supplied.

--payload-content-encoding PAYLOAD_CONTENT_ENCODING, -e PAYLOAD_CONTENT_ENCODING

Required if --payload-content-type is "application/octet-stream".

--algorithm ALGORITHM, -a ALGORITHM

The algorithm (default: aes).

--bit-length BIT_LENGTH, -b BIT_LENGTH

The bit length (default: 256).

--mode MODE, -m MODE

The algorithm mode; used only for reference (default: cbc)

--expiration EXPIRATION, -x EXPIRATION

The expiration time for the secret in iso 8601 format.

--payload PAYLOAD, -p PAYLOAD

The unencrypted secret data.

--file <filename>, -F <filename>

File containing the secret payload

Table 68.52. Output formatter options
ValueSummary

-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 68.53. JSON formatter options
ValueSummary

--noindent

Whether to disable indenting the json

Table 68.54. Shell formatter options
ValueSummary

--prefix PREFIX

Add a prefix to all variable names

Table 68.55. Table formatter options
ValueSummary

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--print-empty

Print empty table if there is no data to show.

68.13. secret update

Update a secret with no payload in Barbican.

Usage:

openstack secret update [-h] URI payload

Table 68.56. Positional arguments
ValueSummary

URI

The uri reference for the secret.

payload

The unencrypted secret

Table 68.57. Command arguments
ValueSummary

-h, --help

Show this help message and exit

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.