Reputation: 123
How to export vault secrets as zip file
Is there a way to export vault secret data from one vault instance, and then import to another vault instance?
Example: Export secrets from the source instance with the path secret/vault/path and import to the destination empty vault instance.
Upvotes: 9
Views: 14726
Answers (2)
Reputation: 271
I have written an open source cli tool called Medusa that can export and import your Vault secrets on different Vault instances.
The tool can handle a full tree structure in both import and export. It also supports end to end encryption of your secrets between export and import between Vault instances so that your secrets are always secure.
https://github.com/jonasvinther/medusa
export VAULT_ADDR=https://192.168.86.41:8201
export VAULT_SKIP_VERIFY=true
export VAULT_TOKEN=00000000-0000-0000-0000-000000000000
./medusa export kv/path/to/secret --format="yaml" --output="my-secrets.txt"
./medusa import kv/path/to/new/secret ./my-secrets.txt
Upvotes: 10
Reputation: 6331
I am not aware of a 'native' way to do this. You will need to iterate over the requested secrets and export them to file (and import them in the same way).
You can try to use one of the following projects that attempt to do it:
Upvotes: 10
Related Questions
- Hashicorp vault - export key from one vault, import into another vault
- HashiCorp Vault to populate kubernetes secrets
- How to get Vault secret through Terraform?
- How to use the HashiCorp's Vault API in order to get all all the secret values from a directory with a single API call
- How to mount Vault secret as a file in Kubernetes?
- Reading secrets from Vault CLI
- Vault: Get key value secrets
- How to add jks file and the jks file password to vault
- Vault: how to create an secret-id
- Vault: how to get list of kv secrets