vhsm patch

Learn to update data in a vHSM server at a specified path.

The vhsm patch command updates data in vHSM server at the specified path. It functions as a wrapper for HTTP PATCH, using the JSON Patch format. The data can include credentials, secrets, configuration, or arbitrary key-value pairs.

Unlike write, the patch command only modifies specified data without overwriting other existing values.

Examples

Action
Command

Update a PKI role to modify a single parameter

vhsm patch pki/roles/example allow_localhost=false

Update a PKI role using JSON input

vhsm patch pki/roles/example - < request_payload.json

API versus CLI equivalent

The following vhsm patch command:

vhsm patch pki/roles/example allow_localhost=false

Is equivalent to the following cURL command:

tee request_payload.json -<<EOF
{
   "organization": "enclaive"
}
EOF

curl --header "X-Vault-Token: $VAULT_TOKEN" \
     --request PATCH \
     --header 'Content-Type: application/merge-patch+json' \
     --data @request_payload.json \
     $VAULT_ADDR/v1/pki/roles/example

The CLI vhsm patch simplifies this API call.

Usage

vhsm patch <path> [options] [key=value] [...]
  • The command updates existing values at the given vHSM path.

  • Data can be provided as key-value pairs, from a file (@filename), or via stdin (-).

Command Options

Option
Description
Default

-field=<name>

Print only a specific field in the output

None

-format=<format>

Output format: table, json, or yaml

table

-force or -f

Allow operation with no key=value pairs (useful for paths that don't require data)

false

Last updated

Was this helpful?