Vault
transit
The transit
command groups subcommands for interacting with Vault's
Transit Secrets Engine.
Syntax
Option flags for a given subcommand are provided after the subcommand, but before the arguments.
Examples
To import keys into a mount via the
Transit BYOK
mechanism, use the vault transit import <path> <key>
or
vault transit import-version <path> <key>
commands:
$ vault transit import transit/keys/test-key @test-key type=rsa-2048
Retrieving transit wrapping key.
Wrapping source key with ephemeral key.
Encrypting ephemeral key with transit wrapping key.
Submitting wrapped key.
Success!