vhsm lease
Learn to use vhsm lease command to interact with the leases attached to the secrets.
The vhsm lease command groups subcommands for interacting with leases attached to secrets. For leases attached to tokens, use the vhsm token subcommand.
Usage
vhsm lease <subcommand> [options] [args]Subcommands
vhsm lease lookup
vhsm lease lookupThe lookup command retrieves information on the lease of a secret.
Example
vhsm lease lookup database/creds/readonly/27e1b9a1-27b8-83d9-9fe0-d99d786bdc83Output
Key Value
--- -----
expire_time 2021-03-17T11:55:50.755313-05:00
id database/creds/readonly/27e1b9a1-27b8-83d9-9fe0-d99d786bdc83
issue_time 2021-03-17T11:45:50.755312-05:00
last_renewal <nil>
renewable true
ttl 9m52svhsm lease renew
vhsm lease renewRenews the lease on a secret, extending its usage before revocation by vHSM. Renewing a lease does not change the contents of the secret.
Example
vhsm lease renew database/creds/readonly/27e1b9a1-27b8-83d9-9fe0-d99d786bdc83Output
Key Value
--- -----
lease_id database/creds/readonly/27e1b9a1-27b8-83d9-9fe0-d99d786bdc83
lease_duration 5m
lease_renewable trueOptions
-increment <duration>
Request a specific increment in seconds. vHSM may not honor this request.
vhsm lease revoke
vhsm lease revokeRevokes the lease on a secret, invalidating the underlying secret.
Example 1: Revoke a specific lease
vhsm lease revoke database/creds/readonly/27e1b9a1-27b8-83d9-9fe0-d99d786bdc83Output
Success! Revoked lease: database/creds/readonly/27e1b9a1-27b8-83d9-9fe0-d99d786bdc83Example 2: Revoke leases with a specific prefix
vhsm lease revoke -prefix database/credsOutput
Success! Revoked any leases with prefix: database/credsOptions
-force (-f)
Delete the lease from vHSM even if secret engine revocation fails. Requires -prefix. Default: false.
-prefix
Treat the ID as a prefix instead of an exact lease ID, allowing multiple leases to be revoked. Default: false.
-sync
Make the operation synchronous instead of queuing revocations in the background. Default: false.
Last updated
Was this helpful?