Getting information about a secret, its contents, and access rights
You can get detailed information about a secret and secret contents and view access rights to a secret.
Getting information about a secret
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
See a description of the CLI command to get information about a secret:
yc lockbox secret get --help
-
Get information about a secret by specifying its name or ID:
yc lockbox secret get <secret_name_or_ID>
Result:
id: e6qi98vtdva1******** folder_id: b1go79qlt1tp******** created_at: "2023-11-03T15:28:18.909Z" name: test-secret kms_key_id: abj765aos682******** status: ACTIVE current_version: id: e6q7nvojsgmk******** secret_id: e6qi98vtdva1******** created_at: "2023-11-03T15:28:18.909Z" status: ACTIVE payload_entry_keys: - example-key
Getting the contents of a secret
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
View a description of the CLI command to get the contents of a secret:
yc lockbox payload get --help
-
Get the contents of a secret by specifying its name or ID:
yc lockbox payload get <secret_name_or_ID>
Result:
version_id: e6q7nvojsgmk******** entries: - key: example-key text_value: example-value
Viewing access rights to a secret
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
-
View a description of the CLI command to view access rights to a secret:
yc lockbox secret list-access-bindings --help
-
View access rights to a secret by specifying its name or ID:
yc lockbox secret list-access-bindings <secret_name_or_ID>
Result:
+---------+---------------+----------------------+ | ROLE ID | SUBJECT TYPE | SUBJECT ID | +---------+---------------+----------------------+ | viewer | federatedUser | ajej2i98kcjd******** | +---------+---------------+----------------------+