unwrap command unwraps a wrapped secret from Vault by the given token. The
result is the same as the "vault read" operation on the non-wrapped secret. If
no token is given, the data in the currently authenticated token is unwrapped.
Unwrap the data in the cubbyhole secrets engine for a token:
$ vault unwrap 3de9ece1-b347-e143-29b0-dc2dc31caafd
Unwrap the data in the active token:
$ vault login 848f9ccf-7176-098c-5e2b-75a0689d41cd $ vault unwrap # unwraps 848f9ccf...
The following flags are available in addition to the standard set of flags included on all commands.
(string: "")- Print only the field with the given name. Specifying this option will take precedence over other formatting directives. The result will not have a trailing newline making it ideal for piping to other processes.
(string: "table")- Print the output in the given format. Valid formats are "table", "json", or "yaml". This can also be specified via the