Skip to content

Instantly share code, notes, and snippets.

@mazenovi
Last active November 2, 2023 18:49
Show Gist options
  • Star 17 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
  • Save mazenovi/db8e8efb001d45059a6102fa4e241688 to your computer and use it in GitHub Desktop.
Save mazenovi/db8e8efb001d45059a6102fa4e241688 to your computer and use it in GitHub Desktop.
explore recursively your vault by HashiCorp
#!/usr/bin/env bash
function walk() {
for secret in $(vault list $1 | tail -n +3)
do
if [[ ${secret} == *"/" ]] ; then
walk "${1}${secret}"
else
echo "${1}${secret}"
fi
done
}
query="${1}"
if [[ ${query} != *"/" ]] ; then
query=${query}/
fi
echo "${1}"
walk ${query}
@McSlow
Copy link

McSlow commented Aug 28, 2019

If you come across a (versioned) vault kv2 store you need to tweak the script a bit:

#!/usr/bin/env bash

function walk() {
  for secret in $(vault kv list --format=yaml $1|sed  's/- //g')
  do
    if [[ ${secret} == *"/" ]] ; then
      walk "${1}${secret}"
    else
      echo "${1}${secret}"
    fi
  done
}

query="${1}"

if [[ ${query} != *"/" ]] ; then
  query=${query}/
fi

echo "${1}"
walk ${query}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment