search
Home

vhsm policy

Learn to write, read, list, and delete vHSM policies

The vhsm policy command groups subcommands for interacting with vHSM policies. Users can write, read, list, and delete policies.

hashtag
Usage

vhsm policy <subcommand> [options] [args]

hashtag
Subcommands

Subcommand
Description

delete

Deletes a policy by name.

fmt

Formats a local policy file.

list

Lists installed policies.

read

Prints the contents of a policy.

write

Uploads a named policy from a file.

hashtag
vhsm policy delete

Deletes the specified policy from the vHSM server. This action immediately affects all tokens associated with the policy.

circle-info

Note: The built-in default and root policies cannot be deleted.

Example

vhsm policy delete my-policy

Output

Success! Deleted policy: my-policy

This command does not have additional flags beyond the standard vHSM CLI options.

hashtag
vhsm policy fmt

Formats a local policy file according to vHSM's policy specification. This command overwrites the existing file.

Example

Output

This command does not have additional flags beyond the standard vHSM CLI options.

hashtag
vhsm policy list

Lists the names of all installed policies in the vHSM server.

Example

Output:

Options

Flag
Type
Default
Description

-format

string

table

Output format: table, json, or yaml. Can also be set via VAULT_FORMAT.

hashtag
vhsm policy read

Displays the contents and metadata of a specified policy. Returns an error if the policy does not exist.

Example

Output

Options

Flag
Type
Default
Description

-format

string

table

Output format: table, json, or yaml. Can also be set via VAULT_FORMAT.

hashtag
vhsm policy write

Uploads a policy from a file or standard input.

Examples

Upload a policy from a local file:

Upload a policy from stdin:

Output

This command does not have additional flags beyond the standard Vault CLI options.

Previousvhsm tokenNextSecurity and Encryption

Last updated

Was this helpful?