Influxdata
/
docs-v2
mirror of https://github.com/influxdata/docs-v2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

updated secret management docs with new cli commands, resolves #750

pull/752/head
Scott Anderson 2020-02-10 15:42:18 -07:00
parent b7f117cfdf
commit d0b954a0a6
6 changed files with 204 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
content/v2.0/security/secrets/manage-secrets.md
View File

@ -1,69 +0,0 @@
---
title: Manage secrets
description: Manage secrets in InfluxDB with the InfluxDB API.
v2.0/tags: [secrets, security]
menu:
v2_0:
parent: Store and use secrets
weight: 201
---
Manage secrets using the InfluxDB `/org/{orgID}/secrets` API endpoint.
All secrets belong to an organization and are stored in your [secret-store](/v2.0/security/secrets/).
Include your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id)
and [authentication token](/v2.0/security/tokens/view-tokens/) with each request.
### Add a secret
Use the `PATCH` request method to add a new secret to your organization.
Pass the secret key-value pair in the request body.
```sh
curl -XPATCH http://localhost:9999/api/v2/orgs/<org-id>/secrets \
-H 'authorization: Token YOURAUTHTOKEN' \
-H 'Content-type: application/json' \
--data '{
"<secret-key>": "<secret-value>"
}'
```
### View secret keys
Use the `GET` request method to view your organization's secrets keys.
```sh
curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets \
-H 'authorization: Token YOURAUTHTOKEN'
```
### Delete a secret
Use the `POST` request method and the `orgs/{orgID}/secrets/delete` API endpoint
to delete one or more secrets.
Include an array of secret keys to delete in the requests body in the following format.
```bash
curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets/delete \
--H 'authorization: Token YOURAUTHTOKEN'
--data '{
"secrets": [
"<secret-key>"
]
}'
```
## Use secrets in a query
Import the `influxdata/influxd/secrets` package and use the `secrets.get()` function
to populate sensitive data in queries with secrets from your secret store.
```js
import "influxdata/influxdb/secrets"
import "sql"
username = secrets.get(key: "POSTGRES_USERNAME")
password = secrets.get(key: "POSTGRES_PASSWORD")
sql.from(
driverName: "postgres",
dataSourceName: "postgresql://${username}:${password}@localhost",
query:"SELECT * FROM example-table"
)
```

35
content/v2.0/security/secrets/manage-secrets/_index.md Normal file
View File

@ -0,0 +1,35 @@
---
title: Manage secrets
description: Manage secrets in InfluxDB with the InfluxDB API.
v2.0/tags: [secrets, security]
menu:
v2_0:
parent: Store and use secrets
weight: 201
---
Manage secrets using the [`influx` command line interface (CLI)](/v2.0/reference/cli/influx/) or the InfluxDB API.
All secrets belong to an organization and are stored in your [secret-store](/v2.0/security/secrets/).
{{< children >}}
---
## Use secrets in a query
Import the `influxdata/influxd/secrets` package and use the `secrets.get()` function
to populate sensitive data in queries with secrets from your secret store.
```js
import "influxdata/influxdb/secrets"
import "sql"
username = secrets.get(key: "POSTGRES_USERNAME")
password = secrets.get(key: "POSTGRES_PASSWORD")
sql.from(
driverName: "postgres",
dataSourceName: "postgresql://${username}:${password}@localhost",
query:"SELECT * FROM example-table"
)
```

45
content/v2.0/security/secrets/manage-secrets/add.md Normal file
View File

@ -0,0 +1,45 @@
---
title: Add secrets
description: Add secrets using the `influx` CLI or the InfluxDB API.
v2.0/tags: [secrets, security]
menu:
v2_0:
parent: Manage secrets
weight: 301
---
Add secrets using the `influx` command line interface (CLI) or the InfluxDB API.
## Add a secret using the influx CLI
Use the [`influx secret update` command](/v2.0/reference/cli/influx/secret/update/)
to add a new secret to your organization.
Provide the secret key with the the `-k` or `--key` flag.
When prompted, enter and confirm the secret value.
```sh
# Syntax
influx secret update -k <secret-key>
# Example
influx secret update -k foo
```
## Add a secret using the InfluxDB API
Use the `PATCH` request method and the `/orgs/{orgID}/secrets` API endpoint to
add a new secret to your organization.
**Include the following:**
- Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
- Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
- The secret key-value pair in the request body
<!-- -->
```sh
curl -XPATCH http://localhost:9999/api/v2/orgs/<org-id>/secrets \
-H 'Authorization: Token YOURAUTHTOKEN' \
-H 'Content-type: application/json' \
--data '{
"<secret-key>": "<secret-value>"
}'
```

45
content/v2.0/security/secrets/manage-secrets/delete.md Normal file
View File

@ -0,0 +1,45 @@
---
title: Delete secrets
description: Delete secrets using the `influx` CLI or the InfluxDB API.
v2.0/tags: [secrets, security]
menu:
v2_0:
parent: Manage secrets
weight: 304
---
Delete secrets using the `influx` command line interface (CLI) or the InfluxDB API.
## Delete a secret using the influx CLI
Use the [`influx secret delete` command](/v2.0/reference/influx/secret/delete/)
to delete a secret key-value pair from your organization.
Provide the secret key to delete with the the `-k` or `--key` flag.
```sh
# Syntax
influx secret delete -k <secret-key>
# Example
influx secret delete -k foo
```
## Delete secrets using the InfluxDB API
Use the `POST` request method and the `orgs/{orgID}/secrets/delete` API endpoint
to delete one or more secrets.
**Include the following:**
- Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
- Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
- An array of secret keys to delete in the requests body
<!-- -->
```bash
curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets/delete \
--H 'Authorization: Token YOURAUTHTOKEN'
--data '{
"secrets": [
"<secret-key>"
]
}'
```

45
content/v2.0/security/secrets/manage-secrets/update.md Normal file
View File

@ -0,0 +1,45 @@
---
title: Update secrets
description: Update secrets using the `influx` CLI or the InfluxDB API.
v2.0/tags: [secrets, security]
menu:
v2_0:
parent: Manage secrets
weight: 303
---
Update secrets using the `influx` command line interface (CLI) or the InfluxDB API.
## Update a secret using the influx CLI
Use the [`influx secret update` command](/v2.0/reference/cli/influx/secret/update/)
to update a secret in your organization.
Provide the secret key with the the `-k` or `--key` flag.
When prompted, enter and confirm the secret value.
```sh
# Syntax
influx secret update -k <secret-key>
# Example
influx secret update -k foo
```
## Update a secret using the InfluxDB API
Use the `PATCH` request method and the InfluxDB `/orgs/{orgID}/secrets` API endpoint
to update a secret in your organization.
**Include the following:**
- Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
- Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
- The updated secret key-value pair in the request body
<!-- -->
```sh
curl -XPATCH http://localhost:9999/api/v2/orgs/<org-id>/secrets \
-H 'Authorization: Token YOURAUTHTOKEN' \
-H 'Content-type: application/json' \
--data '{
"<secret-key>": "<secret-value>"
}'
```

34
content/v2.0/security/secrets/manage-secrets/view.md Normal file
View File

@ -0,0 +1,34 @@
---
title: View secret keys
description: View secret keys using the `influx` CLI or the InfluxDB API.
v2.0/tags: [secrets, security]
menu:
v2_0:
parent: Manage secrets
weight: 302
---
View secret keys using the `influx` command line interface (CLI) or the InfluxDB API.
## View secret keys using the influx CLI
Use the [`influx secret find` command](/v2.0/reference/cli/influx/secret/find/)
to list your organization's secret keys.
```sh
influx secret find
```
## View secret keys using the InfluxDB API
Use the `GET` request method and the InfluxDB `/orgs/{orgID}/secrets` API endpoint
to view your organization's secrets keys.
**Include the following:**
- Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
- Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
<!-- -->
```sh
curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets \
-H 'Authorization: Token YOURAUTHTOKEN'
```