kaparora/vault-transform-fpe.sh

## vault-transform-fpe.sh
#!/bin/sh

#enable the transform secret engine at a path of your choice
vault secrets enable  -path=/data-protection/transform transform

#Define a role ssn with transformation name ssn
vault write /data-protection/transform/role/ssn transformations=ssn

#create a transformation of type fpe using built in template for social security number
#and assign role ssn to it that we created earlier
vault write /data-protection/transform/transformation/ssn \
        type=fpe \
        template=builtin/socialsecuritynumber \
        tweak_source=internal \
        allowed_roles=ssn

#test if you are able to transform a SSN
vault write /data-protection/transform/encode/ssn value=111-22-3333
#test decode with following statements after executing the above statement
#vault write /data-protection/transform/decode/ssn value=
	#!/bin/sh

	#enable the transform secret engine at a path of your choice
	vault secrets enable -path=/data-protection/transform transform

	#Define a role ssn with transformation name ssn
	vault write /data-protection/transform/role/ssn transformations=ssn

	#create a transformation of type fpe using built in template for social security number
	#and assign role ssn to it that we created earlier
	vault write /data-protection/transform/transformation/ssn \
	type=fpe \
	template=builtin/socialsecuritynumber \
	tweak_source=internal \
	allowed_roles=ssn

	#test if you are able to transform a SSN
	vault write /data-protection/transform/encode/ssn value=111-22-3333
	#test decode with following statements after executing the above statement
	#vault write /data-protection/transform/decode/ssn value=