This API allows you to conveniently store, access and share sensitive data.
Location of the secret in the directory structure.
Create folder.
Usage:
scw secret folder create [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| project-id | Project ID to use. If none is passed the default project ID will be used | |
| name | Name of the folder | |
| path | Path of the folder | |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Delete a given folder specified by the region and folder_id parameters.
Usage:
scw secret folder delete [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| folder-id | Required | ID of the folder |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Retrieve the list of folders created within a Project.
Usage:
scw secret folder list [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| project-id | Filter by Project ID (optional) | |
| path | Filter by path (optional) | |
| order-by | One of: created_at_asc, created_at_desc, name_asc, name_desc |
|
| region | Default: fr-parOne of: fr-par, all |
Region to target. If none is passed will use default region from the config |
Secrets are logical containers made up of zero or more immutable versions, that contain sensitive data.
You must specify the region to create a secret.
Usage:
scw secret secret create [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| project-id | Project ID to use. If none is passed the default project ID will be used | |
| name | Name of the secret | |
| tags.{index} | List of the secret's tags | |
| description | Description of the secret | |
| type | One of: unknown_secret_type, opaque, certificate |
Type of the secret |
| path | Path of the secret | |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Examples:
Add a given secret
scw secret secret create name=foobar description="$(cat <path/to/your/secret>)"
Delete a given secret specified by the region and secret_id parameters.
Usage:
scw secret secret delete [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Examples:
Delete a given secret
scw secret secret delete secret-id=11111111-1111-1111-1111-111111111111
Retrieve the metadata of a secret specified by the region and secret_id parameters.
Usage:
scw secret secret get [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Retrieve the list of secrets created within an Organization and/or Project. You must specify either the organization_id or the project_id and the region.
Usage:
scw secret secret list [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| project-id | Filter by Project ID (optional) | |
| order-by | One of: name_asc, name_desc, created_at_asc, created_at_desc, updated_at_asc, updated_at_desc |
|
| tags.{index} | List of tags to filter on (optional) | |
| name | Filter by secret name (optional) | |
| is-managed | Filter by managed / not managed (optional) | |
| path | Filter by path (optional) | |
| organization-id | Filter by Organization ID (optional) | |
| region | Default: fr-parOne of: fr-par, all |
Region to target. If none is passed will use default region from the config |
Edit a secret's metadata such as name, tag(s) and description. The secret to update is specified by the secret_id and region parameters.
Usage:
scw secret secret update [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| name | Secret's updated name (optional) | |
| tags.{index} | Secret's updated list of tags (optional) | |
| description | Description of the secret | |
| path | Path of the folder | |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Versions store the sensitive data contained in your secrets (API keys, passwords, or certificates).
Access sensitive data in a secret's version specified by the region, secret_id and revision parameters.
Usage:
scw secret version access [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| revision | Required | Version number |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Create a version of a given secret specified by the region and secret_id parameters.
Usage:
scw secret version create [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| data | Required | Content of the secret version. Base64 is handled by the SDK |
| description | Description of the version | |
| disable-previous | Disable the previous secret version | |
| password-generation.length | Length of the password to generate (between 1 and 1024) | |
| password-generation.no-lowercase-letters | Do not include lower case letters by default in the alphabet | |
| password-generation.no-uppercase-letters | Do not include upper case letters by default in the alphabet | |
| password-generation.no-digits | Do not include digits by default in the alphabet | |
| password-generation.additional-chars | Additional ascii characters to be included in the alphabet | |
| data-crc32 | (Optional.) The CRC32 checksum of the data as a base-10 integer | |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Delete a secret's version and the sensitive data contained in it. Deleting a version is permanent and cannot be undone.
Usage:
scw secret version delete [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| revision | Required | Version number |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Examples:
Delete a given Secret Version
scw secret version delete secret-id=11111111-1111-1111-1111-111111111111 revision=1
Make a specific version inaccessible. You must specify the region, secret_id and revision parameters.
Usage:
scw secret version disable [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| revision | Required | Version number |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Make a specific version accessible. You must specify the region, secret_id and revision parameters.
Usage:
scw secret version enable [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| revision | Required | Version number |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Generate a password for the given secret specified by the region and secret_id parameters. This will also create a new version of the secret that will store the password.
Usage:
scw secret version generate-password [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| description | Description of the version | |
| disable-previous | (Optional.) Disable the previous secret version | |
| length | Length of the password to generate (between 1 and 1024 characters) | |
| no-lowercase-letters | (Optional.) Exclude lower case letters by default in the password character set | |
| no-uppercase-letters | (Optional.) Exclude upper case letters by default in the password character set | |
| no-digits | (Optional.) Exclude digits by default in the password character set | |
| additional-chars | (Optional.) Additional ASCII characters to be included in the password character set | |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Retrieve the metadata of a secret's given version specified by the region, secret_id and revision parameters.
Usage:
scw secret version get [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| revision | Required | Version number |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |
Retrieve the list of a given secret's versions specified by the secret_id and region parameters.
Usage:
scw secret version list [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| status.{index} | One of: unknown, enabled, disabled, destroyed |
Filter results by status |
| region | Default: fr-parOne of: fr-par, all |
Region to target. If none is passed will use default region from the config |
Edit the metadata of a secret's given version, specified by the region, secret_id and revision parameters.
Usage:
scw secret version update [arg=value ...]
Args:
| Name | Description | |
|---|---|---|
| secret-id | Required | ID of the secret |
| revision | Required | Version number |
| description | Description of the version | |
| region | Default: fr-parOne of: fr-par |
Region to target. If none is passed will use default region from the config |