vhsm operator

The vhsm operator command groups subcommands for vHSM operators to manage and diagnose a vHSM server. These commands are primarily used for initialization, sealing/unsealing, key rotation, leadership management, and diagnostics.

Most end-users will not need to interact with these commands.

Usage

vhsm operator <subcommand> [options] [args]

Subcommands

Subcommand

Description

diagnose

Troubleshoot problems starting vHSM

generate-root

Generates a new root token

init

Initializes a vHSM server

key-status

Provides information about the active encryption key

members

Returns the list of nodes in the cluster

migrate

Migrates vHSM data between storage backends

raft

Interacts with vHSM's Raft storage backend

rekey

Generates new unseal keys

rotate

Rotates the underlying encryption key

seal

Seals the vHSM server, making it inaccessible

step-down

Forces vHSM to resign active duty

unseal

Unseals the vHSM server

usage

Lists historical client counts

Examples

Action

Command

Initialize a new cluster

vault operator init

Force vHSM to step down as leader

vault operator step-down

Rotate vHSM’s encryption key

vault operator rotate

Example Output for `init`

vhsm operator init
Unseal Key 1: sP/4C/fwIDjJmHEC2bi/1Pa43uKhsUQMmiB31GRzFc0R
Unseal Key 2: kHkw2xTBelbDFIMEgEC8NVX7NDSAZ+rdgBJ/HuJwxOX+
Unseal Key 3: +1+1ZnkQDfJFHDZPRq0wjFxEuEEHxDDOQxa8JJ/AYWcb
Unseal Key 4: cewseNJTLovmFrgpyY+9Hi5OgJlJgGGCg7PZyiVdPwN0
Unseal Key 5: wyd7rMGWX5fi0k36X4e+C4myt5CoTmJsHJ0rdYT7BQcF
Initial Root Token: 6662bb4a-afd0-4b6b-faad-e237fb564568

Previousvhsm namespace Nextvhsm print

Last updated 5 days ago

Was this helpful?

vhsm operator

Most end-users will not need to interact with these commands.

Usage

vhsm operator <subcommand> [options] [args]

Subcommands

Subcommand

Description

diagnose

Troubleshoot problems starting vHSM

generate-root

Generates a new root token

init

Initializes a vHSM server

key-status

Provides information about the active encryption key

members

Returns the list of nodes in the cluster

migrate

Migrates vHSM data between storage backends

raft

Interacts with vHSM's Raft storage backend

rekey

Generates new unseal keys

rotate

Rotates the underlying encryption key

seal

Seals the vHSM server, making it inaccessible

step-down

Forces vHSM to resign active duty

unseal

Unseals the vHSM server

usage

Lists historical client counts

Examples

Action

Command

Initialize a new cluster

vault operator init

Force vHSM to step down as leader

vault operator step-down

Rotate vHSM’s encryption key

vault operator rotate

Example Output for `init`

vhsm operator init
Unseal Key 1: sP/4C/fwIDjJmHEC2bi/1Pa43uKhsUQMmiB31GRzFc0R
Unseal Key 2: kHkw2xTBelbDFIMEgEC8NVX7NDSAZ+rdgBJ/HuJwxOX+
Unseal Key 3: +1+1ZnkQDfJFHDZPRq0wjFxEuEEHxDDOQxa8JJ/AYWcb
Unseal Key 4: cewseNJTLovmFrgpyY+9Hi5OgJlJgGGCg7PZyiVdPwN0
Unseal Key 5: wyd7rMGWX5fi0k36X4e+C4myt5CoTmJsHJ0rdYT7BQcF
Initial Root Token: 6662bb4a-afd0-4b6b-faad-e237fb564568

Previousvhsm namespace Nextvhsm print

Last updated 5 days ago

Was this helpful?

Usage

Subcommands

Examples

Example Output for init

Usage

Subcommands

Examples

Example Output for init

Example Output for `init`

Example Output for `init`