Home

vhsm policy

Learn to write, read, list, and delete vHSM policies

The vhsm policy command groups subcommands for interacting with vHSM policies. Users can write, read, list, and delete policies.

Usage

vhsm policy <subcommand> [options] [args]

Subcommands

Subcommand
Description

delete

Deletes a policy by name.

fmt

Formats a local policy file.

list

Lists installed policies.

read

Prints the contents of a policy.

write

Uploads a named policy from a file.

vhsm policy delete

Deletes the specified policy from the vHSM server. This action immediately affects all tokens associated with the policy.

Note: The built-in default and root policies cannot be deleted.

Example

vhsm policy delete my-policy

Output

Success! Deleted policy: my-policy

This command does not have additional flags beyond the standard vHSM CLI options.

vhsm policy fmt

Formats a local policy file according to vHSM's policy specification. This command overwrites the existing file.

Example

Output

This command does not have additional flags beyond the standard vHSM CLI options.

vhsm policy list

Lists the names of all installed policies in the vHSM server.

Example

Output:

Options

Flag
Type
Default
Description

-format

string

table

Output format: table, json, or yaml. Can also be set via VAULT_FORMAT.

vhsm policy read

Displays the contents and metadata of a specified policy. Returns an error if the policy does not exist.

Example

Output

Options

Flag
Type
Default
Description

-format

string

table

Output format: table, json, or yaml. Can also be set via VAULT_FORMAT.

vhsm policy write

Uploads a policy from a file or standard input.

Examples

Upload a policy from a local file:

Upload a policy from stdin:

Output

This command does not have additional flags beyond the standard Vault CLI options.

Previousvhsm tokenNextSecurity and Encryption

Last updated

Was this helpful?