The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Updating and versioning static secrets

When updating a static secret you can either update the current version
or create a new version.

Additionally, users can request to rollback to a previous secret version and make
that one the current version again. This can happen if the most recent version was configured incorrectly, for example.

You can easily retrieve and view secrets directly from the CLI or from the intuitive UI.

Updates and versions from the CLI

From the CLI, use update-secret-val to update an existing static secret.
When running update-secret-val on a static secret, by default the latest version is updated.

🚧

Metadata changes

Changing the metadata of a secret never enables changing versions in and of itself.
To change a version, you must explicitly run the --new-version option.

To create a new version, run the --new-version option.

The rest of this section shows examples of how to manage secret versions directly from your CLI with different examples based on the assumption you've already created a secret called /secret1 with value1.

Examples are as follows:

  • create a new version of secret1 with the new value value2
  • get a secret value always returns the current value:
  • get a specific version of the secret value
  • delete a specific version of the secret value
  • roll back to a previous secret version

Create a new version of secret1 with the new value value2

$ akeyless update-secret-val -n /secret1 -v value2 --new-version
The value of secret /secret1 was successfully updated
...
$ akeyless describe-item -n /secret1 --show-versions
{
   "item_name": "/secret1",
   "item_type": "STATIC_SECRET",
   ...
   "last_version": 2,
   ...
   "item_versions": [
      {
         "version": 1,
         "creation_date": "2020-01-30T13:00:00Z"
      },
      {
         "version": 2,
         "creation_date": "2020-01-30T14:00:00Z"
      }
   ],
   ...
}

Get a secret value always returns the current value:

$ akeyless get-secret-value -n /secret1
value2

Get a specific version of the secret value:

$ akeyless get-secret-value -n /secret1 --version 1
value1

Delete a specific version of the secret value:

$ akeyless delete-item -n /secret1 --version 1
Item /secret1 version 1 was successfully deleted
...
$ akeyless describe-item -n /secret1 --show-versions
{
   "item_name": "/secret1",
   "item_type": "STATIC_SECRET",
   ...
   "last_version": 2,
   ...
   "item_versions": [
      {
         "version": 2,
         "creation_date": "2020-01-30T14:00:00Z"
      }
   ],
   ...
}

Roll back to a previous secret version:

$ akeyless update-secret-val -n /secret1 -v value3 --new-version
The value of secret /secret1 was successfully updated

$ akeyless get-secret-value -n /secret1
value3

$ akeyless rollback-secret -n /secret1 --old-version 2
Secret /secret1 was successfully rolled back to version 2

$ akeyless describe-item -n /secret1 --show-versions
{
   "item_name": "/secret1",
   "item_type": "STATIC_SECRET",
   ...
   "last_version": 4,
   ...
   "item_versions": [
      {
         "version": 2,
         "creation_date": "2020-01-30T14:00:00Z"
      },
      {
         "version": 3,
         "creation_date": "2020-01-30T15:00:00Z"
      },
      {
         "version": 4,
         "creation_date": "2020-01-30T16:00:00Z"
      }
   ],
   ...
}

$ akeyless get-secret-value -n /secret1
value2

Updates and versions from the UI

From the UI, click the pencil icon next to the Value of the secret and toggle Create new version to update the value and create a new version of the secret.

Once a secret has more than one version, a list of all previous values is available within the secret at the bottom of the configurations. Click the arrow to open and close the list and view older versions.

From the version history, click the eye icon next to a specific version to open a pop-up and view its value:

To delete a specific secret version from that same list, click the Delete icon and then confirm the deletion:

To restore a specific secret version, also from the list of secret versions, click the Restore icon to open a pop-up and confirm. This rolls the selected version back, overriding the current version:

Updated about a month ago

Updating and versioning static secrets


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.