API to downgrade the Secret version
428 views
Skip to first unread message
Praneeth Cy
Jun 11, 2018, 10:50:22 AM6/11/18
to Vault
Hi All,
Is there an API to downgrade the KV Secret Engine version to 1? I see one to upgrade, but it doesn't seem to work for downgrade.
Appreciate your help.
Thanks
Praneeth
Praneeth Cy
Jun 11, 2018, 12:15:05 PM6/11/18
to Vault
Haven't found an API to downgrade, but an alternative approach which works for my dev environment.
Unmount the mounted path and then Remount it again.
Unmount:
DELETE verb
headers: X-Vault-Token:<your secret>
Remounting the path 'secret'
POST verb
headers: X-Vault-Token:<your secret>
payload: {"path":"secret","type":"kv","options":{"version":1}}
Thanks
Praneeth
Brian Kassouf
Jun 11, 2018, 4:56:42 PM6/11/18
to vault...@googlegroups.com
Hi Praneeth,
You are correct, there is no way to downgrade a mount once it has been
updated. Creating a new mount and copying the data over is a valid
option, as is deleting the mount and re-mounting, if you don't care
about losing the existing data.
Best,
Brian
> --
> This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/70109ae9-7045-44ad-8edb-e4aa74d73a36%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
You are correct, there is no way to downgrade a mount once it has been
updated. Creating a new mount and copying the data over is a valid
option, as is deleting the mount and re-mounting, if you don't care
about losing the existing data.
Best,
Brian
> This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/70109ae9-7045-44ad-8edb-e4aa74d73a36%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Message has been deleted
Praneeth Cy
Jun 12, 2018, 5:22:35 AM6/12/18
to Vault
Thanks for the reply, Brian.
Delete should be okay in my case as it's my local environment and moreover downgrade is the very first request I issue to the Vault as it boots off.
Thanks
Praneeth
Reply all
Reply to author
Forward
0 new messages