Let’s say I have two fields “foo1” and “foo2” under secret/hello. vault kv delete secret/hello will delete the secret and all fields within that secret. How do I delete just specific field and not the entire secret (say “foo1”)?
What I already tried:
There’s unfortunately no way to do a partial update to a key-value secret. If you perform a vault kv put it overwrites the entire secret, and if you perform a vault kv delete it deletes the entire secret. The API does not support modifying just one field within a secret.
To delete just one key-value pair within a secret, you should read the old value and write a new value with that pair missing.
thanks @mgritter
That helps. Writing new value with the pair (that I want to delete) missing, does the work of “deletion”.