How would you use the CLI to read a secret and save it to a file?
Vault doesn’t have this feature built in, but it is possible using other tools and the --format= option
vault kv get -format=json secret/foobar | jq .data.data
Or to get the exact key
vault kv get -format=json secret/foobar | jq .data.data.cert
To output directly to a file
vault kv get -format=json secret/foobar | jq -r .data.data.cert > cert.pem
1 Like
Did you answer the question yourself now or do you still need help?