Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
explore recursively your vault by HashiCorp
#!/usr/bin/env bash
function walk() {
for secret in $(vault list $1 | tail -n +3)
do
if [[ ${secret} == *"/" ]] ; then
walk "${1}${secret}"
else
echo "${1}${secret}"
fi
done
}
query="${1}"
if [[ ${query} != *"/" ]] ; then
query=${query}/
fi
echo "${1}"
walk ${query}
@McSlow
Copy link

McSlow commented Aug 28, 2019

If you come across a (versioned) vault kv2 store you need to tweak the script a bit:

#!/usr/bin/env bash

function walk() {
  for secret in $(vault kv list --format=yaml $1|sed  's/- //g')
  do
    if [[ ${secret} == *"/" ]] ; then
      walk "${1}${secret}"
    else
      echo "${1}${secret}"
    fi
  done
}

query="${1}"

if [[ ${query} != *"/" ]] ; then
  query=${query}/
fi

echo "${1}"
walk ${query}

Loading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment