Secrets Manager Plugin for Anypoint CLI
$ npm install -g @mulesoft/anypoint-cli-secrets-mgr-plugin
$ anypoint-cli-secrets-mgr-plugin COMMAND
running command...
$ anypoint-cli-secrets-mgr-plugin (--version|-v)
@mulesoft/anypoint-cli-secrets-mgr-plugin/0.0.1 darwin-arm64 node-v18.12.0
$ anypoint-cli-secrets-mgr-plugin --help [COMMAND]
USAGE
$ anypoint-cli-secrets-mgr-plugin COMMAND
...anypoint-cli-secrets-mgr-plugin conf [KEY] [VALUE]anypoint-cli-secrets-mgr-plugin help [COMMAND]anypoint-cli-secrets-mgr-plugin secrets-mgr certificate createanypoint-cli-secrets-mgr-plugin secrets-mgr certificate describeanypoint-cli-secrets-mgr-plugin secrets-mgr certificate listanypoint-cli-secrets-mgr-plugin secrets-mgr certificate modifyanypoint-cli-secrets-mgr-plugin secrets-mgr certificate replaceanypoint-cli-secrets-mgr-plugin secrets-mgr keystore createanypoint-cli-secrets-mgr-plugin secrets-mgr keystore describeanypoint-cli-secrets-mgr-plugin secrets-mgr keystore listanypoint-cli-secrets-mgr-plugin secrets-mgr keystore modifyanypoint-cli-secrets-mgr-plugin secrets-mgr keystore replaceanypoint-cli-secrets-mgr-plugin secrets-mgr secret-group createanypoint-cli-secrets-mgr-plugin secrets-mgr secret-group deleteanypoint-cli-secrets-mgr-plugin secrets-mgr secret-group describeanypoint-cli-secrets-mgr-plugin secrets-mgr secret-group listanypoint-cli-secrets-mgr-plugin secrets-mgr secret-group modifyanypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret createanypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret describeanypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret listanypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret modifyanypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret replaceanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway createanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway describeanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway listanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway modifyanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway replaceanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule createanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule describeanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule listanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule modifyanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule replaceanypoint-cli-secrets-mgr-plugin secrets-mgr tls-context tls-context-listanypoint-cli-secrets-mgr-plugin secrets-mgr truststore createanypoint-cli-secrets-mgr-plugin secrets-mgr truststore describeanypoint-cli-secrets-mgr-plugin secrets-mgr truststore listanypoint-cli-secrets-mgr-plugin secrets-mgr truststore modifyanypoint-cli-secrets-mgr-plugin secrets-mgr truststore replaceanypoint-cli-secrets-mgr-plugin version
Manage authentication credentials in a configuration file (config.json)
USAGE
$ anypoint-cli-secrets-mgr-plugin conf [KEY] [VALUE] [-h] [-k <value>] [-v <value>] [-d]
ARGUMENTS
KEY key of the config
VALUE value of the config
FLAGS
-d, --delete delete config key
-h, --help Show CLI help.
-k, --key=<value> key of the config
-v, --value=<value> value of the config
DESCRIPTION
Manage authentication credentials in a configuration file (config.json)
by adding and removing key value pairs. Set one key value pair per command execution.
CLI config file: /Users/nvenkatachari/Library/Preferences/oclif-nodejs/config.json
EXAMPLES
$ anypoint-cli-secrets-mgr-plugin conf username myuser
$ anypoint-cli-secrets-mgr-plugin conf password mypwd
Display help for anypoint-cli-secrets-mgr-plugin.
USAGE
$ anypoint-cli-secrets-mgr-plugin help [COMMAND] [-n]
ARGUMENTS
COMMAND Command to show help for.
FLAGS
-n, --nested-commands Include all nested commands in the output.
DESCRIPTION
Display help for anypoint-cli-secrets-mgr-plugin.
See code: @oclif/plugin-help
Create a new certificate secret in the specified secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate create (-t PEM -n <value> -g <value>) [--password <value> [--username
<value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>]
[--environment <value>] [--host <value>] [--collectMetrics] [--cert-file <value>] [--expiration-date <value>] [-o
<value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Certificate type.
<options: PEM>
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--cert-file=<value> Certificate file path.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new certificate secret in the specified secret group.
EXAMPLES
Create a PEM type certificate secret 'example-secret-1' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--type=PEM \
--cert-file=./example-cert.pem
Show the details of a certificate secret. The output will not include the certificate file content.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate describe -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a certificate secret. The output will not include the certificate file content.
EXAMPLES
Show the details of a certificate secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate describe \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List the certificate secrets in a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List the certificate secrets in a secret group.
EXAMPLES
List all the certificate secrets in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate list --group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' or 'expiration date' for an existing certificate secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate modify -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-n <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify the 'name' or 'expiration date' for an existing certificate secret.
EXAMPLES
Modify only the name for a certificate secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with
id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate modify \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=new-secret-name
Replace an existing certificate secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate replace -i <value> (-t PEM -n <value> -g <value>) [--password <value>
[--username <value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization
<value>] [--environment <value>] [--host <value>] [--collectMetrics] [--cert-file <value>] [--expiration-date
<value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Certificate type.
<options: PEM>
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--cert-file=<value> Certificate file path.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Replace an existing certificate secret.
EXAMPLES
Replace a certificate secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr certificate replace \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=example-secret-1 \
--cert-file=./new-cert.pem
Create a new keystore secret in the specified secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore create -g <value> -n <value> -t PEM|JKS|PKCS12|JCEKS [--password <value>
[--username <value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization
<value>] [--environment <value>] [--host <value>] [--collectMetrics] [--keystore-file <value>] [--key-file <value>]
[--cert-file <value>] [--capath-file <value>] [--store-passphrase <value>] [--key-passphrase <value>] [--alias
<value>] [--algorithm PKIX|SunX509] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Keystore type.
<options: PEM|JKS|PKCS12|JCEKS>
--algorithm=<option> Key manager factory algorithm for the JKS/PKCS12/JCEKS type keystore. Not applicable for
the PEM type keystore.
<options: PKIX|SunX509>
--alias=<value> Alias for the key in the JKS/PKCS12/JCEKS type keystore. Not applicable for the PEM type
keystore.
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--capath-file=<value> CA path certificate file for the PEM type keystore. Not applicable for the
JKS/PKCS12/JCEKS type keystore.
--cert-file=<value> Certificate file for the PEM type keystore. Not applicable for the JKS/PKCS12/JCEKS type
keystore.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--key-file=<value> Key file for the PEM type keystore. Not applicable for the JKS/PKCS12/JCEKS type
keystore.
--key-passphrase=<value> Passphrase for the key. It is required for the JKS/PKCS12/JCEKS type keystore, but
optional for the PEM type keystore.
--keystore-file=<value> JKS/PKCS12/JCEKS type keystore file path. Not applicable for the PEM type keystore.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--store-passphrase=<value> Passphrase for the JKS/PKCS12/JCEKS type keystore. Not applicable for the PEM type
keystore.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new keystore secret in the specified secret group.
EXAMPLES
Create a PEM type keystore 'example-secret-1' in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--type=PEM \
--key-file=./key.pem \
--cert-file=./cert.pem
Create a JKS type keystore 'example-secret-2' in a secret group with id '7834534e-ghij-9213-xy32-d345e1e94fca'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--type=JKS \
--keystore-file=./keystore.jks \
--store-passphrase=store1234 \
--key-passphrase=key1234 \
--alias=alias1 \
--expiration-date=2027-01-01
Show the details of a keystore secret. The output will not include the keystore/key file content and the passphrase value.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore describe -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a keystore secret. The output will not include the keystore/key file content and the passphrase
value.
EXAMPLES
Show the details of a keystore secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore describe \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List the keystore secrets in a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List the keystore secrets in a secret group.
EXAMPLES
List all the keystore secrets in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore list --group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' or 'expiration date' for an existing keystore secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore modify -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-n <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify the 'name' or 'expiration date' for an existing keystore secret.
EXAMPLES
Modify only the name for the keystore secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with
id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore modify \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=new-secret-name
Replace an existing keystore secret. Keystore type cannot be changed during replacement update.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore replace -i <value> -n <value> -g <value> -t PEM|JKS|PKCS12|JCEKS
[--password <value> [--username <value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | |
] [--organization <value>] [--environment <value>] [--host <value>] [--collectMetrics] [--keystore-file <value>]
[--key-file <value>] [--cert-file <value>] [--capath-file <value>] [--store-passphrase <value>] [--key-passphrase
<value>] [--alias <value>] [--algorithm PKIX|SunX509] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Keystore type.
<options: PEM|JKS|PKCS12|JCEKS>
--algorithm=<option> Key manager factory algorithm for the JKS/PKCS12/JCEKS type keystore. Not applicable for
the PEM type keystore.
<options: PKIX|SunX509>
--alias=<value> Alias for the key in the JKS/PKCS12/JCEKS type keystore. Not applicable for the PEM type
keystore.
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--capath-file=<value> CA path certificate file for the PEM type keystore. Not applicable for the
JKS/PKCS12/JCEKS type keystore.
--cert-file=<value> Certificate file for the PEM type keystore. Not applicable for the JKS/PKCS12/JCEKS type
keystore.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--key-file=<value> Key file for the PEM type keystore. Not applicable for the JKS/PKCS12/JCEKS type
keystore.
--key-passphrase=<value> Passphrase for the key. It is required for the JKS/PKCS12/JCEKS type keystore, but
optional for the PEM type keystore.
--keystore-file=<value> JKS/PKCS12/JCEKS type keystore file path. Not applicable for the PEM type keystore.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--store-passphrase=<value> Passphrase for the JKS/PKCS12/JCEKS type keystore. Not applicable for the PEM type
keystore.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Replace an existing keystore secret. Keystore type cannot be changed during replacement update.
EXAMPLES
Replace a keystore secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr keystore replace \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=example-secret-1 \
--type=PEM \
--key-file=./new-key.pem \
--cert-file=./new-cert.pem \
--expiration-date=2027-01-01
Create a new secret group in the configured/specified organization and environment.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group create -n <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h] [--downloadable]
FLAGS
-h, --help Show CLI help.
-n, --name=<value> (required) Name for the secret group.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--downloadable Indicates the secret group is downloadable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new secret group in the configured/specified organization and environment.
EXAMPLES
Create a secret group named 'example-group-1' in the configured organization and environment.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group create --name=example-group-1
Create a secret group named 'example-group-2' with downloadable option enabled in the configured organization and
environment.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group create --name=example-group-2 --downloadable
Create a secret group named 'example-group-3' in the specified organization and environment.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group create --name=example-group-3 \
--organization=Salesforce --environment=Design
Delete a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group delete -i <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-h, --help Show CLI help.
-i, --id=<value> (required) Secret group id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Delete a secret group.
EXAMPLES
Delete a secret group whose id is '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group delete --id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Show the details of a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group describe -i <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-h, --help Show CLI help.
-i, --id=<value> (required) Secret group id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a secret group.
EXAMPLES
Show the details of the secret group whose id is '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group describe --id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List the secret groups in the configured/specified organization and environment.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group list [--password <value> [--username <value> | --client_id <value> |
]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>] [--host
<value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List the secret groups in the configured/specified organization and environment.
EXAMPLES
List the secret groups in the configured organization and environment.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group list
List the secret groups in the specified organization and environment.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group list --organization=Salesforce --environment=Design
Modify an existing secret group in the configured/specified organization and environment.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group modify -i <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h] [-n <value>] [--downloadable]
FLAGS
-h, --help Show CLI help.
-i, --id=<value> (required) Secret group id.
-n, --name=<value> Name for the secret group.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--[no-]downloadable Indicate the secret group is downloadable. To indicate the secret group is not
downloadable, prefix with "no-"
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify an existing secret group in the configured/specified organization and environment.
EXAMPLES
Modify only the name of the secret group with id 0bd52420-f252-4c05-bae2-1951efd816cb.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group modify --id=0bd52420-f252-4c05-bae2-1951efd816cb \
--name=example-group-1-update
Enable the downloadable option for the secret group with id 0bd52420-f252-4c05-bae2-1951efd816cb.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group modify --id=0bd52420-f252-4c05-bae2-1951efd816cb \
--downloadable
Disable the downloadable option for the secret group with id 0bd52420-f252-4c05-bae2-1951efd816cb.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr secret-group modify --id=0bd52420-f252-4c05-bae2-1951efd816cb \
--no-downloadable
Create a new shared secret in the specified secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret create -g <value> -n <value> -t
Blob|UsernamePassword|SymmetricKey|S3Credential [--password <value> [--username <value> | --client_id <value> | ]]
[--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>] [--host
<value>] [--collectMetrics] [--secret-username <value> | --key <value> | --access-key-id <value> |
--secret-access-key <value> | --content <value>] [--secret-password <value> | | | | ] [--expiration-date <value>]
[-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Shared secret type.
<options: Blob|UsernamePassword|SymmetricKey|S3Credential>
--access-key-id=<value> S3 access key id for the "S3Credentials" shared secret type.
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--content=<value> Blob text content for the "Blob" shared secret type.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--key=<value> Key value for the "SymmetricKey" shared secret type.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--secret-access-key=<value> S3 secret access key for the "S3Credentials" shared secret type.
--secret-password=<value> Password for the "UsernamePassword" shared secret type.
--secret-username=<value> User name for the "UsernamePassword" shared secret type.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new shared secret in the specified secret group.
EXAMPLES
Create a shared secret 'example-secret-1' of type 'UsernamePassword' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--type=UsernamePassword \
--secret-username=exampleUser \
--secret-password=examplePwd \
--expiration-date=2027-01-01
Create a shared secret 'example-secret-2' of type 'Blob' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret create \
--name=example-secret-2 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--type=Blob \
--content='example blob content'
Show the details of a shared secret. The output will not include any sensitive secret material.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret describe -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a shared secret. The output will not include any sensitive secret material.
EXAMPLES
Show the details of a shared secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret describe \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List all the shared secrets in a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List all the shared secrets in a secret group.
EXAMPLES
List all the shared secrets in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret list --group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' or 'expiration date' for a shared secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret modify -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-n <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify the 'name' or 'expiration date' for a shared secret.
EXAMPLES
Modify only the name for a shared secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret modify \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=new-secret-name
Replace an existing shared secret. Secret type cannot be changed during replacement update.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret replace -i <value> -n <value> -g <value> -t
Blob|UsernamePassword|SymmetricKey|S3Credential [--password <value> [--username <value> | --client_id <value> | ]]
[--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>] [--host
<value>] [--collectMetrics] [--secret-username <value> | --key <value> | --access-key-id <value> |
--secret-access-key <value> | --content <value>] [--secret-password <value> | | | | ] [--expiration-date <value>]
[-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Shared secret type.
<options: Blob|UsernamePassword|SymmetricKey|S3Credential>
--access-key-id=<value> S3 access key id for the "S3Credentials" shared secret type.
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--content=<value> Blob text content for the "Blob" shared secret type.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--key=<value> Key value for the "SymmetricKey" shared secret type.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--secret-access-key=<value> S3 secret access key for the "S3Credentials" shared secret type.
--secret-password=<value> Password for the "UsernamePassword" shared secret type.
--secret-username=<value> User name for the "UsernamePassword" shared secret type.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Replace an existing shared secret. Secret type cannot be changed during replacement update.
EXAMPLES
Replace an existing shared secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' and type 'UsernamePassword' in a
secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret replace \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=example-secret-1 \
--type=UsernamePassword \
--secret-username=newUser \
--secret-password=newPwd \
--expiration-date=2028-01-01
Replace an existing shared secret with id '905fcc78-412f-4980-bbb5-0555b9fbab06' and type 'Blob' in a secret group
with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr shared-secret replace \
--id=905fcc78-412f-4980-bbb5-0555b9fbab06 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=example-secret-2 \
--type=Blob \
--content='new blob content'
Create a new Flex Gateway TLS context secret in the specified secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway create -g <value> -n <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [--alpn-protocol h2|http/1.1] [--min-tls-version
TLSv1.1|TLSv1.2|TLSv1.3] [--max-tls-version TLSv1.1|TLSv1.2|TLSv1.3] [--keystore-id <value>] [--truststore-id
<value>] [--enable-client-cert-validation] [--skip-server-cert-validation] [-c <value>] [--expiration-date <value>]
[-o <value>] [-h]
FLAGS
-c, --cipher=<value>...
Cipher to be applied for the specified TLS version range. If no cipher is specified then the default ciphers for the
specified TLS version will be applied. For TLSv1.1, there are no default ciphers, hence atleast one TLSv1.1
compatible cipher must be specified, if TLSv1.1 is in the specified TLS version range. For TLSv1.3, default ciphers
will always apply and cannot be explicitly specified. Please see the Flex Gateway online documentation
[https://docs.mulesoft.com/gateway/latest/flex-conn-tls-config#select-ciphers] for more details.
Following are the acceptable ciphers for TLSv1.2. The Ciphers tagged with "*" are the default ciphers:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [*]
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 [*]
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [*]
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [*]
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 [*]
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [*]
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_PSK_WITH_AES_128_CBC_SHA
TLS_PSK_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_NULL_SHA
Following are the acceptable ciphers for TLSv1.1:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_PSK_WITH_AES_128_CBC_SHA
TLS_PSK_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_NULL_SHA
-g, --group-id=<value>
(required) Secret group id.
-h, --help
Show CLI help.
-n, --name=<value>
(required) Name for the secret.
-o, --output=<value>
[default: table] Format for commands output. Supported values are table (default) and json
--alpn-protocol=<option>...
[default: h2,http/1.1] Alpn protocol. If multiple values are specified, then the preferred order will be from the
left to right.
<options: h2|http/1.1>
--bearer=<value>
Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value>
Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value>
Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics
collect metrics. You can define this in the COLLECT_METRICS environment variable.
--enable-client-cert-validation
Enable client certificate validation.
--environment=<value>
Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value>
Expiration date for the secret.
--host=anypoint.mulesoft.com
[default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST environment variable.
--keystore-id=<value>
A valid PEM keystore id in the secret group. This will be the keystore for the tls context.
--max-tls-version=<option>
[default: TLSv1.3] Maximum TLS version. By default, TLSv1.3 is selected, if this flag is not explicitly set.
<options: TLSv1.1|TLSv1.2|TLSv1.3>
--min-tls-version=<option>
[default: TLSv1.3] Minimum TLS version. By default, TLSv1.3 is selected, if this flag is not explicitly set.
<options: TLSv1.1|TLSv1.2|TLSv1.3>
--organization=<value>
Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value>
Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--skip-server-cert-validation
Skip server certificate validation.
--truststore-id=<value>
A valid PEM truststore id in the secret group. This will be the truststore for the tls context.
--username=<value>
Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new Flex Gateway TLS context secret in the specified secret group.
EXAMPLES
Create a Flex Gateway TLS context 'example-secret-1' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'. Multiple ALPN protocol are specified in the preferred order ('h2' first and
then 'http/1.1'). Referenced keystore and truststore exists in the same secret group where this tls context secret
is created. Since 'cipher' is not specified for the TLSv1.2 version, default ciphers will be applied.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--alpn-protocol=h2 \
--alpn-protocol=http/1.1 \
--min-tls-version=TLSv1.2 \
--max-tls-version=TLSv1.3 \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70 \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
Create a Flex Gateway TLS context 'example-secret-2' in a secret group with id
'7834534e-ghij-9213-xy32-d345e1e94fca' with min & max tls version as TLSv1.3. This context is configured only with a
keystore.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway create \
--name=example-secret-2 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--min-tls-version=TLSv1.3 \
--max-tls-version=TLSv1.3 \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70 \
Create a Flex Gateway TLS context 'example-secret-3' in a secret group with id
'7834534e-ghij-9213-xy32-d345e1e94fca'. This context is configured only with a truststore. Since Min and Max TLS
versions are not specified they defaults to TLSv1.3
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway create \
--name=example-secret-3 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
Show the details of a Flex Gateway TLS context secret. The output will include only the keystore and truststore id, if available for the context and not their contents.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway describe -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a Flex Gateway TLS context secret. The output will include only the keystore and truststore id, if
available for the context and not their contents.
EXAMPLES
Show the details of a Flex Gateway TLS context secret with id '936d8f5f-947c-4512-aa11-46ae186662f7' in a secret
group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway describe \
--id=936d8f5f-947c-4512-aa11-46ae186662f7 --group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List the Flex Gateway TLS context secrets in a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List the Flex Gateway TLS context secrets in a secret group.
EXAMPLES
List all the Flex Gateway TLS context secrets in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway list \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' or 'expiration date' for an existing Flex Gateway TLS context secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway modify -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-n <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify the 'name' or 'expiration date' for an existing Flex Gateway TLS context secret.
EXAMPLES
Modify the 'name' for a Flex Gateway TLS context with id '46f09ac0-0f38-40cf-bdd7-1e947b2d9f4b' in a secret group
with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway modify \
--name=example-secret-1-modified \
--id=46f09ac0-0f38-40cf-bdd7-1e947b2d9f4b \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' and the 'expiration date'for a Flex Gateway TLS context with id
'8d2c6d9f-f0b8-4eda-982c-9c849f6bf91a' in a secret group with id '7834534e-ghij-9213-xy32-d345e1e94fca'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway modify \
--name=example-secret-2-modified \
--expiration-date=2028-01-01 \
--id=8d2c6d9f-f0b8-4eda-982c-9c849f6bf91a \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca
Replace an existing Flex Gateway TLS context secret. All required values must be specified even if they are unchanged during the replacement update.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway replace -i <value> -g <value> -n <value> [--password <value> [--username
<value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>]
[--environment <value>] [--host <value>] [--collectMetrics] [--alpn-protocol h2|http/1.1] [--min-tls-version
TLSv1.1|TLSv1.2|TLSv1.3] [--max-tls-version TLSv1.1|TLSv1.2|TLSv1.3] [--keystore-id <value>] [--truststore-id
<value>] [--enable-client-cert-validation] [--skip-server-cert-validation] [-c <value>] [--expiration-date <value>]
[-o <value>] [-h]
FLAGS
-c, --cipher=<value>...
Cipher to be applied for the specified TLS version range. If no cipher is specified then the default ciphers for the
specified TLS version will be applied. For TLSv1.1, there are no default ciphers, hence atleast one TLSv1.1
compatible cipher must be specified, if TLSv1.1 is in the specified TLS version range. For TLSv1.3, default ciphers
will always apply and cannot be explicitly specified. Please see the Flex Gateway online documentation
[https://docs.mulesoft.com/gateway/latest/flex-conn-tls-config#select-ciphers] for more details.
Following are the acceptable ciphers for TLSv1.2. The Ciphers tagged with "*" are the default ciphers:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [*]
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 [*]
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [*]
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [*]
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 [*]
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [*]
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_PSK_WITH_AES_128_CBC_SHA
TLS_PSK_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_NULL_SHA
Following are the acceptable ciphers for TLSv1.1:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_PSK_WITH_AES_128_CBC_SHA
TLS_PSK_WITH_AES_256_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_NULL_SHA
-g, --group-id=<value>
(required) Secret group id.
-h, --help
Show CLI help.
-i, --id=<value>
(required) Secret id.
-n, --name=<value>
(required) Name for the secret.
-o, --output=<value>
[default: table] Format for commands output. Supported values are table (default) and json
--alpn-protocol=<option>...
[default: h2,http/1.1] Alpn protocol. If multiple values are specified, then the preferred order will be from the
left to right.
<options: h2|http/1.1>
--bearer=<value>
Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value>
Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value>
Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics
collect metrics. You can define this in the COLLECT_METRICS environment variable.
--enable-client-cert-validation
Enable client certificate validation.
--environment=<value>
Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value>
Expiration date for the secret.
--host=anypoint.mulesoft.com
[default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST environment variable.
--keystore-id=<value>
A valid PEM keystore id in the secret group. This will be the keystore for the tls context.
--max-tls-version=<option>
[default: TLSv1.3] Maximum TLS version. By default, TLSv1.3 is selected, if this flag is not explicitly set.
<options: TLSv1.1|TLSv1.2|TLSv1.3>
--min-tls-version=<option>
[default: TLSv1.3] Minimum TLS version. By default, TLSv1.3 is selected, if this flag is not explicitly set.
<options: TLSv1.1|TLSv1.2|TLSv1.3>
--organization=<value>
Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value>
Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--skip-server-cert-validation
Skip server certificate validation.
--truststore-id=<value>
A valid PEM truststore id in the secret group. This will be the truststore for the tls context.
--username=<value>
Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Replace an existing Flex Gateway TLS context secret. All required values must be specified even if they are unchanged
during the replacement update.
EXAMPLES
Replace a Flex Gateway TLS context 'example-secret-1' with id 'c1e8899f-ef4e-4bb9-b21c-4971c2178b0a' in a secret
group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'. Preferred order for the ALPN protocol is 'http/1.1' first and
then 'h2'. Referenced keystore and truststore exists in the same secret group where this tls context secret is
created. Since 'cipher' is not specified for the TLSv1.2 version, default ciphers will be applied.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway replace \
--name=example-secret-1-updated \
--id=c1e8899f-ef4e-4bb9-b21c-4971c2178b0a \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--alpn-protocol=http/1.1 \
--alpn-protocol=h2 \
--min-tls-version=TLSv1.2 \
--max-tls-version=TLSv1.3 \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70 \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
Replace a Flex Gateway TLS context 'example-secret-2' with id '7ce61b18-1288-4341-a473-8cdcb8c1c2ca' in a secret
group with id '7834534e-ghij-9213-xy32-d345e1e94fca'. This context is configured only with a keystore.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway replace \
--name=example-secret-2 \
--id=7ce61b18-1288-4341-a473-8cdcb8c1c2ca \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--min-tls-version=TLSv1.3 \
--max-tls-version=TLSv1.3 \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70 \
Create a Flex Gateway TLS context 'example-secret-3' in a secret group with id
'7834534e-ghij-9213-xy32-d345e1e94fca'. This context is configured only with a truststore. Since Min and Max TLS
versions are not specified they defaults to TLSv1.3
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context flex-gateway replace \
--name=example-secret-3 \
--id=110c7a0e-5093-4b80-8051-4d660c8ab60c \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
Create a new Mule TLS context secret in the specified secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule create -g <value> -n <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-v TLSv1.1|TLSv1.2] [--keystore-id <value>] [--insecure
--truststore-id <value>] [-c <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-c, --cipher=<value>...
Cipher to be applied for the specified TLS version(s). If no cipher is specified then the default ciphers for the
specified TLS version will be applied.
Following are the common ciphers for TLSv1.2:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Following are the common ciphers for TLSv1.1:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Additional cipher, besides the ones that are listed above, for the selected TLS version can also be specified.
-g, --group-id=<value>
(required) Secret group id.
-h, --help
Show CLI help.
-n, --name=<value>
(required) Name for the secret.
-o, --output=<value>
[default: table] Format for commands output. Supported values are table (default) and json
-v, --tls-version=<option>...
[default: TLSv1.2] TLS version. By default, TLSv1.2 is selected, if this flag is not explicitly set.
<options: TLSv1.1|TLSv1.2>
--bearer=<value>
Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value>
Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value>
Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics
collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value>
Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value>
Expiration date for the secret.
--host=anypoint.mulesoft.com
[default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST environment variable.
--insecure
Disable certificate validation.
--keystore-id=<value>
A valid JKS/JCEKS/PKCS12 keystore id in the secret group. This will be the keystore for the tls context.
--organization=<value>
Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value>
Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--truststore-id=<value>
A valid JKS/JCEKS/PKCS12 truststore id in the secret group. This will be the truststore for the tls context.
--username=<value>
Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new Mule TLS context secret in the specified secret group.
EXAMPLES
Create a Mule TLS context 'example-secret-1' in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
Multiple TLS versions and ciphers for the TLS context are specified. Referenced keystore and truststore exists in
the same secret group where this tls context secret is created.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--tls-version=TLSv1.2 \
--tls-version=TLSv1.1 \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70 \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
--cipher=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \
--cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 \
--cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Create a Mule TLS context 'example-secret-2' in a secret group with id '7834534e-ghij-9213-xy32-d345e1e94fca'. This
context is configured only with a keystore.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule create \
--name=example-secret-2 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70
Create a Mule TLS context 'example-secret-3' in a secret group with id '7834534e-ghij-9213-xy32-d345e1e94fca'. This
context is configured only with a truststore and the certificate validation is disabled.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule create \
--name=example-secret-3 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
--disable-cert-validation
Show the details of a Mule TLS context secret. The output will include only the keystore and truststore id, if available for the context and not their contents.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule describe -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a Mule TLS context secret. The output will include only the keystore and truststore id, if
available for the context and not their contents.
EXAMPLES
Show the details of a Mule TLS context secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with
id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule describe \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 --group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List the Mule TLS context secrets in a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List the Mule TLS context secrets in a secret group.
EXAMPLES
List all the Mule TLS context secrets in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule list \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' or 'expiration date' for an existing Mule TLS context secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule modify -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-n <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify the 'name' or 'expiration date' for an existing Mule TLS context secret.
EXAMPLES
Modify the 'name' for a Mule TLS context with id '1cb99a2f-8fa6-4443-b4ae-48d01767f155' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule modify \
--name=example-secret-1-modified \
--id=1cb99a2f-8fa6-4443-b4ae-48d01767f155 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' and the 'expiration date'for a Mule TLS context with id '4cc32d8d-c08d-47f2-b9e1-14f2e331b242' in
a secret group with id '7834534e-ghij-9213-xy32-d345e1e94fca'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule modify \
--name=example-secret-2-modified \
--expiration-date=2028-01-01 \
--id=4cc32d8d-c08d-47f2-b9e1-14f2e331b242 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca
Replace an existing Mule TLS context secret. All required values must be specified even if they are unchanged during the replacement update.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule replace -i <value> -g <value> -n <value> [--password <value> [--username
<value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>]
[--environment <value>] [--host <value>] [--collectMetrics] [-v TLSv1.1|TLSv1.2] [--keystore-id <value>] [--insecure
--truststore-id <value>] [-c <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-c, --cipher=<value>...
Cipher to be applied for the specified TLS version(s). If no cipher is specified then the default ciphers for the
specified TLS version will be applied.
Following are the common ciphers for TLSv1.2:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Following are the common ciphers for TLSv1.1:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Additional cipher, besides the ones that are listed above, for the selected TLS version can also be specified.
-g, --group-id=<value>
(required) Secret group id.
-h, --help
Show CLI help.
-i, --id=<value>
(required) Secret id.
-n, --name=<value>
(required) Name for the secret.
-o, --output=<value>
[default: table] Format for commands output. Supported values are table (default) and json
-v, --tls-version=<option>...
[default: TLSv1.2] TLS version. By default, TLSv1.2 is selected, if this flag is not explicitly set.
<options: TLSv1.1|TLSv1.2>
--bearer=<value>
Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value>
Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value>
Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics
collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value>
Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value>
Expiration date for the secret.
--host=anypoint.mulesoft.com
[default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST environment variable.
--insecure
Disable certificate validation.
--keystore-id=<value>
A valid JKS/JCEKS/PKCS12 keystore id in the secret group. This will be the keystore for the tls context.
--organization=<value>
Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value>
Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--truststore-id=<value>
A valid JKS/JCEKS/PKCS12 truststore id in the secret group. This will be the truststore for the tls context.
--username=<value>
Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Replace an existing Mule TLS context secret. All required values must be specified even if they are unchanged during
the replacement update.
EXAMPLES
Replace a Mule TLS context 'example-secret-1' with id '1cb99a2f-8fa6-4443-b4ae-48d01767f155' in a secret group with
id '59573b4e-cdea-4917-ac34-b047e1e94dbe'. Multiple TLS versions and ciphers for the TLS context are specified.
Referenced keystore and truststore exists in the same secret group where this tls context secret exists.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule replace \
--name=example-secret-1 \
--id=1cb99a2f-8fa6-4443-b4ae-48d01767f155 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--tls-version=TLSv1.2 \
--tls-version=TLSv1.1 \
--keystore-id=2d773060-aed0-46a7-b131-efbdb6ceff70 \
--truststore-id=588c33e4-7f6f-44be-94e8-8b65a56d1670 \
--cipher=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 \
--cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 \
--cipher=TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Replace a Mule TLS context 'example-secret-2' with id '4cc32d8d-c08d-47f2-b9e1-14f2e331b242' in a secret group with
id '7834534e-ghij-9213-xy32-d345e1e94fca'. This context is configured only with a keystore.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule replace \
--name=example-secret-2 \
--id=4cc32d8d-c08d-47f2-b9e1-14f2e331b242 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--keystore-id=77304490-13fd-45aa-817c-f67c4ff653cd \
--expiration-date=2025-06-01
Replace a Mule TLS context 'example-secret-3' with id '0989e8c5-d43a-4dd3-ac88-477e7a0f4c74' in a secret group with
id '7834534e-ghij-9213-xy32-d345e1e94fca'. This context is configured only with a truststore and the certificate
validation is disabled.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context mule replace \
--name=example-secret-3 \
--id=0989e8c5-d43a-4dd3-ac88-477e7a0f4c74 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--truststore-id=63b93088-a96e-4787-a12e-d1b3819b26b1 \
--disable-cert-validation
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr tls-context tls-context-list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
Create a new truststore secret in the specified secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore create -g <value> -n <value> -t PEM|JKS|PKCS12|JCEKS --truststore-file
<value> [--password <value> [--username <value> | --client_id <value> | ]] [--client_secret <value> ] [--bearer
<value> | | ] [--organization <value>] [--environment <value>] [--host <value>] [--collectMetrics]
[--store-passphrase <value>] [--algorithm PKIX|SunX509] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Truststore type.
<options: PEM|JKS|PKCS12|JCEKS>
--algorithm=<option> Trust manager algorithm for the JKS/PKCS12/JCEKS type truststore. Not applicable for the
PEM type truststore.
<options: PKIX|SunX509>
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--store-passphrase=<value> Passphrase for the JKS/PKCS12/JCEKS type truststore. Not applicable for the PEM type
truststore.
--truststore-file=<value> (required) Truststore file path.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Create a new truststore secret in the specified secret group.
EXAMPLES
Create a PEM type truststore 'example-secret-1' in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore create \
--name=example-secret-1 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--type=PEM \
--truststore-file=./truststore1.pem
Create a JKS type truststore 'example-secret-2' in a secret group with id '7834534e-ghij-9213-xy32-d345e1e94fca'
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore create \
--name=example-secret-2 \
--group-id=7834534e-ghij-9213-xy32-d345e1e94fca \
--type=JKS \
--truststore-file=./truststore2.pem \
--store-passphrase=examplePass
Show the details of a truststore secret. The output will not include the truststore file content.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore describe -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Show the details of a truststore secret. The output will not include the truststore file content.
EXAMPLES
Show the details of a truststore secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore describe \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
List the truststore secrets in a secret group.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore list -g <value> [--password <value> [--username <value> | --client_id
<value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>]
[--host <value>] [--collectMetrics] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
List the truststore secrets in a secret group.
EXAMPLES
List all the truststore secrets in a secret group with id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore list --group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe
Modify the 'name' or 'expiration date' for an existing truststore secret.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore modify -i <value> -g <value> [--password <value> [--username <value> |
--client_id <value> | ]] [--client_secret <value> ] [--bearer <value> | | ] [--organization <value>] [--environment
<value>] [--host <value>] [--collectMetrics] [-n <value>] [--expiration-date <value>] [-o <value>] [-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Modify the 'name' or 'expiration date' for an existing truststore secret.
EXAMPLES
Modify only the name for a truststore secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with
id '59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore modify \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=new-secret-name
Replace an existing truststore secret. Truststore type cannot be changed during replacement update.
USAGE
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore replace -i <value> -n <value> -g <value> -t PEM|JKS|PKCS12|JCEKS
--truststore-file <value> [--password <value> [--username <value> | --client_id <value> | ]] [--client_secret
<value> ] [--bearer <value> | | ] [--organization <value>] [--environment <value>] [--host <value>]
[--collectMetrics] [--store-passphrase <value>] [--algorithm PKIX|SunX509] [--expiration-date <value>] [-o <value>]
[-h]
FLAGS
-g, --group-id=<value> (required) Secret group id.
-h, --help Show CLI help.
-i, --id=<value> (required) Secret id.
-n, --name=<value> (required) Name for the secret.
-o, --output=<value> [default: table] Format for commands output. Supported values are table (default) and
json
-t, --type=<option> (required) Truststore type.
<options: PEM|JKS|PKCS12|JCEKS>
--algorithm=<option> Trust manager algorithm for the JKS/PKCS12/JCEKS type truststore. Not applicable for the
PEM type truststore.
<options: PKIX|SunX509>
--bearer=<value> Token Bearer. You can define this in the ANYPOINT_BEARER environment variable.
--client_id=<value> Client ID. You can define this in the ANYPOINT_CLIENT_ID environment variable.
--client_secret=<value> Client Secret. You can define this in the ANYPOINT_CLIENT_SECRET environment variable.
--collectMetrics collect metrics. You can define this in the COLLECT_METRICS environment variable.
--environment=<value> Environment Name. You can define this in the ANYPOINT_ENV environment variable.
--expiration-date=<value> Expiration date for the secret.
--host=anypoint.mulesoft.com [default: anypoint.mulesoft.com] Host URL. You can define this in the ANYPOINT_HOST
environment variable.
--organization=<value> Organization Name. You can define this in the ANYPOINT_ORG environment variable.
--password=<value> Password. You can define this in the ANYPOINT_PASSWORD environment variable.
--store-passphrase=<value> Passphrase for the JKS/PKCS12/JCEKS type truststore. Not applicable for the PEM type
truststore.
--truststore-file=<value> (required) Truststore file path.
--username=<value> Username. You can define this in the ANYPOINT_USERNAME environment variable.
DESCRIPTION
Replace an existing truststore secret. Truststore type cannot be changed during replacement update.
EXAMPLES
Replace a truststore secret with id '6fdfa612-6966-4a50-9222-7e31d7480979' in a secret group with id
'59573b4e-cdea-4917-ac34-b047e1e94dbe'.
$ anypoint-cli-secrets-mgr-plugin secrets-mgr truststore replace \
--id=6fdfa612-6966-4a50-9222-7e31d7480979 \
--group-id=59573b4e-cdea-4917-ac34-b047e1e94dbe \
--name=example-secret-1 \
--type=PEM \
--truststore-file=./new-truststore.pem
USAGE
$ anypoint-cli-secrets-mgr-plugin version
See code: @oclif/plugin-version