
PATCHing secrets with PowerShell


When using PowerShell to patch my secrets, I include this payload:

Payload: {
    "path":  "EncId",
    "value":  "MB34Changed"
}

for this URI: https://ourvaulturi/v1/enginename/data/secretname

This is my PS command:

$response = Invoke-RestMethod -Headers $header -ContentType 'application/json' -Method PATCH -Uri $uri -Body $payload
($header includes my Token and Namespace.) I get a (415) Unsupported Media Type error.

I even tried the Content-Type application/merge-patch+json, used in the curl example on this page: https://developer.hashicorp.com/vault/docs/commands/patch, which resulted in the error: (400) Bad Request

I don’t want to use PUT because it overwrites ALL values in my secret and I only want to update a single value.

Any ideas or help here?

Update.

Running CLI, I was able to get a completed PATCH using this command:
vault kv patch /enginename/secretname EncId=MB34Changed

How can I convert this to a PS Invoke-RestMethod call? If I change the URI to https://ourvaulturi/enginename/secretname, I get a (404) Not Found.


Solution

  • Seems that, yes, v1 and data are required in the URI: https://ourvaulturi/v1/enginename/data/secretname

    The Content-Type needs to be set in the header:

    $header = @{
                "X-Vault-Token"="$($env:VAULT_TOKEN)"
                "X-Vault-Namespace"="$($env:VAULT_NAMESPACE)"
                "Content-Type"="application/merge-patch+json"
            }
    

    And the payload needs to be formatted as:

    $payload = 
            @{"data"= 
                @{"$($value)"="$($newvalue)"}
            } | ConvertTo-Json
    

    Then, the Invoke-RestMethod needs to look like this:

    Invoke-RestMethod -Headers $header -Method PATCH -Uri $uri -Body $payload
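
The pieces of the answer above combined into one function, as an added example that is not part of the original answer. The function name Set-VaultKvField and its parameters are hypothetical; the optional check-and-set value is sent through the KV v2 "options.cas" field so a concurrent writer cannot be silently overwritten, and the token is read from $env:VAULT_TOKEN so it never appears in the script or in error output.

```powershell
# Added example: hypothetical helper, not code from the original answer.
function Set-VaultKvField {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $VaultAddr,   # e.g. https://ourvaulturi
        [Parameter(Mandatory)] [string] $Mount,       # KV v2 engine name
        [Parameter(Mandatory)] [string] $SecretPath,  # secret name under the mount
        [Parameter(Mandatory)] [string] $Key,         # the single field to change
        [Parameter(Mandatory)] [string] $Value,
        [int] $Cas = -1                               # -1 = no check-and-set
    )

    # The HTTP API needs /v1/<mount>/data/<path>; the CLI adds these segments itself.
    $uri = '{0}/v1/{1}/data/{2}' -f $VaultAddr.TrimEnd('/'), $Mount.Trim('/'), $SecretPath.Trim('/')

    $header = @{
        'X-Vault-Token' = $env:VAULT_TOKEN
        'Content-Type'  = 'application/merge-patch+json'
    }
    # Only send the namespace header when one is configured.
    if ($env:VAULT_NAMESPACE) { $header['X-Vault-Namespace'] = $env:VAULT_NAMESPACE }

    # Only keys listed under "data" are merged; all other keys stay untouched.
    $body = @{ data = @{ $Key = $Value } }
    if ($Cas -ge 0) { $body['options'] = @{ cas = $Cas } }
    $payload = $body | ConvertTo-Json -Depth 5

    try {
        $response = Invoke-RestMethod -Headers $header -Method PATCH -Uri $uri -Body $payload -ErrorAction Stop
    }
    catch {
        # Report the failure without echoing the token or the secret value.
        throw "Vault PATCH to $uri failed: $($_.Exception.Message)"
    }

    # KV v2 answers a write with version metadata, not with the secret data.
    return $response.data.version
}

# Usage with the values from the question:
# Set-VaultKvField -VaultAddr 'https://ourvaulturi' -Mount 'enginename' `
#     -SecretPath 'secretname' -Key 'EncId' -Value 'MB34Changed'
```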