- 12 Nov 2024
-
DarkLight
-
PDF
describe secret
- Updated on 12 Nov 2024
-
DarkLight
-
PDF
iagctl describe secret
Get a secret from gateway
Synopsis
It is very important to understand this command will reveal the actual value of the secret on the command-line in the default terminal editor. If the secret is not set via the EDITOR
environment variable, gateway will default to vim
. The temporary file will be removed after exiting the editor. This is a security design that prevents the password being inadvertently printed to logs.
The gateway will need to know where the encryption key file exists before running the actual command. This can be done via the --encryption-file
flag or the GATEWAY_SECRETS_ENCRYPT_KEY_FILE
configuration variable.
iagctl describe secret <secret-name> [flags]
Use these steps to exit vim
:
- Press
Esc
to enter the Command mode. - Type
:
to launch the prompt bar. - Type
q
to send the quit command. - Press
Enter
.
Examples
Describe Secret via Encryption File Flag
iagctl describe secret my-secret \
--encryption-file /Users/gatewayuser/.gateway.d/gateway_secret.key
Describe Secret Via Encryption File Configuration Vars
This command assumes that you have previously set the configuration variable GATEWAY_SECRETS_ENCRYPT_KEY_FILE
.
iagctl describe secret my-secret
Options
--encryption-file string The file to use for the decryption of the secret.
-h, --help Help for secret
Options Inherited from Parent Commands
--config string Path to the configuration file
--raw Displays the result of the command in its raw format
--verbose Enable verbose output
CLI References
See related describe
commands:
For all CLI commands see → Command References Index