secret

The OLP CLI supports the following functionality for third party secret management:

secret create

Creates a secret.

olp secret create [command options]

Required parameters:

  • <secret name> The name of an third-party secret.
  • <secret content> The file path to the third-party secret content in plain text.
  • <type> The type of the third-party secret. Must be either 'custom' or 'aws'.

Optional parameters:

  • --expires <yyyy-MM-ddTHH:mm:ss> The expiration date of a secret. The timestamp must match the ISO-8601 format yyyy-MM-ddTHH:mm:ss. For example, '2020-12-23T02:24:00.000Z'. If not specified, the secret doesn't expire.
  • --grant-read-to <hrn> Grant read access to the secret to the specified app HRN. To get an app's HRN, use the olp app show command.
  • --filename <file name> A relative file name for the platform to use to write the secret in plain text on the filesystem. The file will be placed in the directory specified by the type property. Defaults to credentials.
  • --credentials <path to credentials file> The name of a credentials file to use with the command. Credentials files are downloaded separately from the HERE platform portal.
  • --profile <profile name> The name of the credentials profile to use from the olpcli.ini file.
  • --json Display the command's result in JSON format.
  • --quiet Display an empty output skipping additional information.

For more information on using credentials and profiles, see Credentials setup.

Example:

The command below creates a third party secret:

Linux
Windows
olp secret create my-key-1234 ~/.aws/my-aws-secrets.txt aws
olp secret create my-key-1234 C:\Users\username\.aws\my-aws-secrets.txt aws

Output:


Secret hrn:here:here:account::myrealm:secret/my-key-1234 has been created.

secret delete

Deletes a secret.

olp secret delete [command options]

Required parameters:

  • <secret HRN> The HRN of the third party secret.

Optional parameters:

  • --credentials <path to credentials file> The name of a credentials file to use with the command. Credentials files are downloaded separately from the HERE platform portal.
  • --profile <profile name> The name of the credentials profile to use from the olpcli.ini file.
  • --quiet Display an empty output skipping additional information.

For more information on using credentials and profiles, see Credentials setup.

Example:

The command below deletes a third party secret:


olp secret delete hrn:here:here:account::myrealm:secret/my-key-1234

Output:


Secret hrn:here:here:account::myrealm:secret/my-key-1234 has been deleted.

secret disable

Disables a secret.

olp secret disable [command options]

Required parameters:

  • <secret HRN> The HRN of the third party secret.

Optional parameters:

  • --credentials <path to credentials file> The name of a credentials file to use with the command. Credentials files are downloaded separately from the HERE platform portal.
  • --profile <profile name> The name of the credentials profile to use from the olpcli.ini file.
  • --quiet Display an empty output skipping additional information.

For more information on using credentials and profiles, see Credentials setup.

Example:

The command below disables a third party secret:


olp secret disable hrn:here:here:account::myrealm:secret/my-key-1234

Output:


Secret hrn:here:here:account::myrealm:secret/my-key-1234 has been disabled.

secret enable

Enables a secret.

olp secret enable [command options]

Required parameters:

  • <secret HRN> The HRN of the third party secret.

Optional parameters:

  • --credentials <path to credentials file> The name of a credentials file to use with the command. Credentials files are downloaded separately from the HERE platform portal.
  • --profile <profile name> The name of the credentials profile to use from the olpcli.ini file.
  • --quiet Display an empty output skipping additional information.

For more information on using credentials and profiles, see Credentials setup.

Example:

The command below enables a third party secret:


olp secret enable hrn:here:here:account::myrealm:secret/my-key-1234

Output:


Secret hrn:here:here:account::myrealm:secret/my-key-1234 has been enabled.

secret list

Lists secrets accessible to the caller.

olp secret list [command options]

Optional parameters:

  • --enabled <true|false> If set to true, only enabled secrets are returned. If not specified, all secrets are returned.
  • --credentials <path to credentials file> The name of a credentials file to use with the command. Credentials files are downloaded separately from the HERE platform portal.
  • --profile <profile name> The name of the credentials profile to use from the olpcli.ini file.
  • --json Display the command's result in JSON format.
  • --quiet Display an empty output skipping additional information.

For more information on using credentials and profiles, see Credentials setup.

Example:

The command below lists all your third party secrets:

olp secret list --json

Output:


{"secrets": [{
    "id": "my-key-1234",
    "type": "aws",
    "filename": "credentials",
    "name": "external key example",
    "hrn": "hrn:here:here:account::myrealm:secret/my-key-1234",
    "sha256": "C01DCECC41CA1E27BB0D41B089528D6D15443AF24E710A005BB2372CD107474E",
    "enabled": true,
    "created": "2020-10-09T07:32:00.000Z",
    "modified": "2020-10-09T07:32:00.000Z",
    "expires": "2020-12-28T02:24:00.000Z"
}]}

secret update

Updates a secret.

olp secret update [command options]

Required parameters:

  • <secret HRN> The HRN of the third party secret.

Optional parameters:

  • --name <secret name> The name of the third-party secret.
  • --type <custom|aws> The type of the third-party secret. Must be either 'custom' or 'aws'.
  • --secret-content <path to secret content> The file path to the third-party secret content in plain text.
  • --filename <file name> The relative file name for the platform to use to write the secret in plain text on the filesystem. The file will be placed in the directory specified by the type property. Defaults to credentials.
  • --expires <yyyy-MM-ddTHH:mm:ss> The expiration date of a secret. The timestamp must match the ISO-8601 format yyyy-MM-ddTHH:mm:ss. For example, '2020-12-23T02:24:00.000Z'.
  • --credentials <path to credentials file> The name of a credentials file to use with the command. Credentials files are downloaded separately from the HERE platform portal.
  • --profile <profile name> The name of the credentials profile to use from the olpcli.ini file.
  • --json Display the command's result in JSON format.
  • --quiet Display an empty output skipping additional information.

For more information on using credentials and profiles, see Credentials setup.

Example:

The command below updates the name of a third party secret:


olp secret update hrn:here:here:account::myrealm:secret/my-key-1234 --name new-name

Output:


Secret hrn:here:here:account::myrealm:secret/my-key-1234 has been updated.

results matching ""

    No results matching ""