search
Home

vhsm write

Learn to write data to a vHSM server at a specified path to store credentials, secrets, configurations, or arbitrary data.

The vhsm write command writes data to vHSM at the given path. It is a wrapper for HTTP PUT or POST requests. This command is used to store credentials, secrets, configurations, or arbitrary data. The behavior of this command depends on the secret engine mounted at the specified path.

Data is provided as key=value pairs. Special handling includes:

  • Values starting with @ are loaded from a file.

  • Values set to - are read from stdin.

  • If - is the only argument, vhsm write reads a JSON blob from stdin.

hashtag
Usage

vhsm write <path> <key=value> [options]

hashtag
Subcommands and Options

Option
Type
Description

-field

<string>

Prints only the specified field in the selected format (ideal for piping).

-format

<string>

Specifies the output format. Valid values: table, json, yaml. Defaults to table.

-force / -f

Allows write operations without key-value pairs. Used for actions that don’t require data.

hashtag
Examples

Action
Command

Store arbitrary secrets

vhsm write cubbyhole/git-credentials username="student01" password="p@$$w0rd"

Create a new encryption key in the transit secrets engine

vhsm write -force transit/keys/my-key

Upload an AWS IAM policy from a file

vhsm write aws/roles/ops [email protected]

Configure access to Consul using an access token

`echo $MY_TOKEN

Create a token with TTL, policy, and usage limit

vhsm write auth/token/create policies="admin" policies="secops" ttl=8h num_uses=3

hashtag
Equivalent API request using cURL

hashtag
Simplified token creation using CLI

Output

Previousvhsm readNextvhsm delete

Last updated

Was this helpful?