I know you can use the Invoke-RestMethod method to do things like login using token and approle (role-id & secret-id), and reading secrets. I need to be able to UPDATE the secrets using a PUT.
This returns a permission denied error,. I am able to login to the approle with the correct role-id/secret-id pair, but invoking it to do the "PUT doesn’t work:
$env:VAULT_ADDR="<my Vault URL>"
$env:VAULT_TOKEN="<my token>"
$env:VAULT_NAMESPACE="<my namespace>"
$secret= "envdev"
$api = "trans"
$ver = 1
$payload =
'{
"data":
{
"Encryption.Shared"="EddieChanged"
}
}'
$header = @{
"X-Vault-Token" = "$($ENV:VAULT_TOKEN)"
"X-Vault-Namespace" = "$($env:VAULT_NAMESPACE)"
}
$uri = "$($env:VAULT_ADDR)" +"/v1/$($secret)/data/$($api)"
'URI: **************'
$uri
'HEADER: **************'
$header
'PAYLOAD: **************'
$payload
$response = Invoke-RestMethod -Headers $header -ContentType 'application/json' -Method PUT -Uri $uri -Body $payload
'RESPONSE: *************'
$response