updated secret management docs with new cli commands, resolves #750

2020-02-10 15:42:18 -07:00 · 2020-02-10 15:42:18 -07:00 · d0b954a0a6
parent b7f117cfdf
commit d0b954a0a6
6 changed files with 204 additions and 69 deletions
--- a/content/v2.0/security/secrets/manage-secrets.md
+++ b/content/v2.0/security/secrets/manage-secrets.md
@ -1,69 +0,0 @@
 ---
 title: Manage secrets
 description: Manage secrets in InfluxDB with the InfluxDB API.
 v2.0/tags: [secrets, security]
 menu:
  v2_0:
    parent: Store and use secrets
 weight: 201
 ---
 Manage secrets using the InfluxDB `/org/{orgID}/secrets` API endpoint.
 All secrets belong to an organization and are stored in your [secret-store](/v2.0/security/secrets/).
 Include your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id)
 and [authentication token](/v2.0/security/tokens/view-tokens/) with each request.
 ### Add a secret
 Use the `PATCH` request method to add a new secret to your organization.
 Pass the secret key-value pair in the request body.
 ```sh
 curl -XPATCH http://localhost:9999/api/v2/orgs/<org-id>/secrets \
  -H 'authorization: Token YOURAUTHTOKEN' \
  -H 'Content-type: application/json' \
  --data '{
 	"<secret-key>": "<secret-value>"
 }'
 ```
 ### View secret keys
 Use the `GET` request method to view your organization's secrets keys.
 ```sh
 curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets \
  -H 'authorization: Token YOURAUTHTOKEN'
 ```
 ### Delete a secret
 Use the `POST` request method and the `orgs/{orgID}/secrets/delete` API endpoint
 to delete one or more secrets.
 Include an array of secret keys to delete in the requests body in the following format.
 ```bash
 curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets/delete \
  --H 'authorization: Token YOURAUTHTOKEN'
  --data '{
  "secrets": [
    "<secret-key>"
  ]
 }'
 ```
 ## Use secrets in a query
 Import the `influxdata/influxd/secrets` package and use the `secrets.get()` function
 to populate sensitive data in queries with secrets from your secret store.
 ```js
 import "influxdata/influxdb/secrets"
 import "sql"
 username = secrets.get(key: "POSTGRES_USERNAME")
 password = secrets.get(key: "POSTGRES_PASSWORD")
 sql.from(
  driverName: "postgres",
  dataSourceName: "postgresql://${username}:${password}@localhost",
  query:"SELECT * FROM example-table"
 )
 ```
--- a/content/v2.0/security/secrets/manage-secrets/_index.md
+++ b/content/v2.0/security/secrets/manage-secrets/_index.md
@ -0,0 +1,35 @@
 ---
 title: Manage secrets
 description: Manage secrets in InfluxDB with the InfluxDB API.
 v2.0/tags: [secrets, security]
 menu:
  v2_0:
    parent: Store and use secrets
 weight: 201
 ---
 Manage secrets using the [`influx` command line interface (CLI)](/v2.0/reference/cli/influx/) or the InfluxDB API.
 All secrets belong to an organization and are stored in your [secret-store](/v2.0/security/secrets/).
 {{< children >}}
 ---
 ## Use secrets in a query
 Import the `influxdata/influxd/secrets` package and use the `secrets.get()` function
 to populate sensitive data in queries with secrets from your secret store.
 ```js
 import "influxdata/influxdb/secrets"
 import "sql"
 username = secrets.get(key: "POSTGRES_USERNAME")
 password = secrets.get(key: "POSTGRES_PASSWORD")
 sql.from(
  driverName: "postgres",
  dataSourceName: "postgresql://${username}:${password}@localhost",
  query:"SELECT * FROM example-table"
 )
 ```
--- a/content/v2.0/security/secrets/manage-secrets/add.md
+++ b/content/v2.0/security/secrets/manage-secrets/add.md
@ -0,0 +1,45 @@
 ---
 title: Add secrets
 description: Add secrets using the `influx` CLI or the InfluxDB API.
 v2.0/tags: [secrets, security]
 menu:
  v2_0:
    parent: Manage secrets
 weight: 301
 ---
 Add secrets using the `influx` command line interface (CLI) or the InfluxDB API.
 ## Add a secret using the influx CLI
 Use the [`influx secret update` command](/v2.0/reference/cli/influx/secret/update/)
 to add a new secret to your organization.
 Provide the secret key with the the `-k` or `--key` flag.
 When prompted, enter and confirm the secret value.
 ```sh
 # Syntax
 influx secret update -k <secret-key>
 # Example
 influx secret update -k foo
 ```
 ## Add a secret using the InfluxDB API
 Use the `PATCH` request method and the `/orgs/{orgID}/secrets` API endpoint to
 add a new secret to your organization.
 **Include the following:**
 - Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
 - Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
 - The secret key-value pair in the request body
 <!-- -->
 ```sh
 curl -XPATCH http://localhost:9999/api/v2/orgs/<org-id>/secrets \
  -H 'Authorization: Token YOURAUTHTOKEN' \
  -H 'Content-type: application/json' \
  --data '{
 	"<secret-key>": "<secret-value>"
 }'
 ```
--- a/content/v2.0/security/secrets/manage-secrets/delete.md
+++ b/content/v2.0/security/secrets/manage-secrets/delete.md
@ -0,0 +1,45 @@
 ---
 title: Delete secrets
 description: Delete secrets using the `influx` CLI or the InfluxDB API.
 v2.0/tags: [secrets, security]
 menu:
  v2_0:
    parent: Manage secrets
 weight: 304
 ---
 Delete secrets using the `influx` command line interface (CLI) or the InfluxDB API.
 ## Delete a secret using the influx CLI
 Use the [`influx secret delete` command](/v2.0/reference/influx/secret/delete/)
 to delete a secret key-value pair from your organization.
 Provide the secret key to delete with the the `-k` or `--key` flag.
 ```sh
 # Syntax
 influx secret delete -k <secret-key>
 # Example
 influx secret delete -k foo
 ```
 ## Delete secrets using the InfluxDB API
 Use the `POST` request method and the `orgs/{orgID}/secrets/delete` API endpoint
 to delete one or more secrets.
 **Include the following:**
 - Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
 - Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
 - An array of secret keys to delete in the requests body
 <!-- -->
 ```bash
 curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets/delete \
  --H 'Authorization: Token YOURAUTHTOKEN'
  --data '{
  "secrets": [
    "<secret-key>"
  ]
 }'
 ```
--- a/content/v2.0/security/secrets/manage-secrets/update.md
+++ b/content/v2.0/security/secrets/manage-secrets/update.md
@ -0,0 +1,45 @@
 ---
 title: Update secrets
 description: Update secrets using the `influx` CLI or the InfluxDB API.
 v2.0/tags: [secrets, security]
 menu:
  v2_0:
    parent: Manage secrets
 weight: 303
 ---
 Update secrets using the `influx` command line interface (CLI) or the InfluxDB API.
 ## Update a secret using the influx CLI
 Use the [`influx secret update` command](/v2.0/reference/cli/influx/secret/update/)
 to update a secret in your organization.
 Provide the secret key with the the `-k` or `--key` flag.
 When prompted, enter and confirm the secret value.
 ```sh
 # Syntax
 influx secret update -k <secret-key>
 # Example
 influx secret update -k foo
 ```
 ## Update a secret using the InfluxDB API
 Use the `PATCH` request method and the InfluxDB `/orgs/{orgID}/secrets` API endpoint
 to update a secret in your organization.
 **Include the following:**
 - Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
 - Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
 - The updated secret key-value pair in the request body
 <!-- -->
 ```sh
 curl -XPATCH http://localhost:9999/api/v2/orgs/<org-id>/secrets \
  -H 'Authorization: Token YOURAUTHTOKEN' \
  -H 'Content-type: application/json' \
  --data '{
 	"<secret-key>": "<secret-value>"
 }'
 ```
--- a/content/v2.0/security/secrets/manage-secrets/view.md
+++ b/content/v2.0/security/secrets/manage-secrets/view.md
@ -0,0 +1,34 @@
 ---
 title: View secret keys
 description: View secret keys using the `influx` CLI or the InfluxDB API.
 v2.0/tags: [secrets, security]
 menu:
  v2_0:
    parent: Manage secrets
 weight: 302
 ---
 View secret keys using the `influx` command line interface (CLI) or the InfluxDB API.
 ## View secret keys using the influx CLI
 Use the [`influx secret find` command](/v2.0/reference/cli/influx/secret/find/)
 to list your organization's secret keys.
 ```sh
 influx secret find
 ```
 ## View secret keys using the InfluxDB API
 Use the `GET` request method and the InfluxDB `/orgs/{orgID}/secrets` API endpoint
 to view your organization's secrets keys.
 **Include the following:**
 - Your [organization ID](/v2.0/organizations/view-orgs/#view-your-organization-id) in the request URL
 - Your [authentication token](/v2.0/security/tokens/view-tokens/) in the `Authorization` header
 <!-- -->
 ```sh
 curl -XGET http://localhost:9999/api/v2/orgs/<org-id>/secrets \
  -H 'Authorization: Token YOURAUTHTOKEN'
 ```