search
DocumentationTutorialsTry Cloud!

/sys/remount

The Remount documentation details the endpoints required to trigger and monitor the status of a remount operation.

hashtag
Move backend

The /sys/remount endpoint moves an already-mounted backend to a new mount point. Remounting works for both secret engines and auth methods.

Vault returns a migration ID when the remount operation completes. You can use the migration ID to look up the status of the mount migration. More details about the remount operation are described in Mount Migration.

~> Note: This endpoint requires a policy with both sudo and update capabilities to sys/remount

~> Note: A mount migration will revoke all leases for the secrets of a secrets backend or tokens of an auth backend, depending on which type of backend is being moved.

Method
Path

POST

/sys/remount

hashtag
Parameters

  • from (string: <required>) – Specifies the previous mount point.

  • to (string: <required>) – Specifies the new destination mount point.

hashtag
Sample payload ( cross namespace )

{
  "from": "ns1/ns2/secret",
  "to": "ns1/ns3/new-secret"
}

hashtag
Sample payload ( cross namespace, auth mount )

hashtag
Sample payload ( within namespace )

hashtag
Sample request

hashtag
Sample response

hashtag
Monitor migration status

This endpoint is used to monitor the status of a mount migration operation, using the ID returned in the response of the sys/remount call. The response contains the passed-in ID, the source and target mounts, and a status field that displays in-progress, success or failure.

Method
Path

GET

/sys/remount/status/:migration_id

hashtag
Parameters

  • migration_id (string: <required>) – Specifies the id of the mount migration

hashtag
Sample request

hashtag
Sample response

Previous/sys/rekey-recovery-keyNext/sys/rotate

Last updated