Skip to main content
Skip table of contents

Updating Passwords in Vault

This guide demonstrates the process of updating the passwords in the Vault.

Step 1: Log In To the Vault

To update the secret in vault, follow below steps

CODE 
kubectl -n vault exec -it vault-0 -- sh
CODE 
vault login

Input the token that was generated during the vault initialization to login.

Step 2: Patch the Secret In the Vault

Use the following command to update the value in the secret.

CODE 
vault kv patch secret/<secret name> <key>=<value>

an example is given below:-

CODE 
vault kv patch secret/postgresql postgres-password=postgresql464
/ $ vault kv patch secret/postgresql postgres-password=postgresql464
===== Secret Path =====
secret/data/postgresql

======= Metadata =======
Key                Value
---                -----
created_time       2024-09-16T08:49:51.954215622Z
custom_metadata    <nil>
deletion_time      n/a
destroyed          false
version            2

Step 2: Reflect The Changes In Namespace

Changes in the secret will be reflected by following these steps:-

Delete the secret in namespace:-

Follow this command to delete secret:-

CODE 
kubectl get secret -n <namespace>
kubectl delete secret -n <namespace> <secret-name>

Example is given below:-

CODE 
kubectl get secret -n ef-external
root@efcx:~# kubectl get secrets -n ef-external
NAME                                  TYPE                             DATA   AGE
ef-postgresql-crt                     kubernetes.io/tls                3      3d9h
expertflow-reg-cred                   kubernetes.io/dockerconfigjson   1      3d9h
minio                                 Opaque                           2      3d9h
minio-crt                             kubernetes.io/tls                3      3d9h
mongo-mongodb-ca                      Opaque                           3      3d9h
mongodb                               Opaque                           1      3d9h
postgresql                            Opaque                           2      3d9h
redis                                 Opaque                           1      3d9h
redis-crt                             kubernetes.io/tls                3      3d9h
sh.helm.release.v1.ef-postgresql.v1   helm.sh/release.v1               1      3d9h
sh.helm.release.v1.keycloak.v1        helm.sh/release.v1               1      3d9h
sh.helm.release.v1.minio.v1           helm.sh/release.v1               1      3d9h
sh.helm.release.v1.mongo.v1           helm.sh/release.v1               1      3d9h
sh.helm.release.v1.redis.v1           helm.sh/release.v1               1      3d9h
vault-external                        Opaque                           2      3d9h
CODE 
kubectl delete secret -n ef-external postgresql

root@efcx:~# kubectl delete secret -n ef-external postgresql
secret "postgresql" deleted

Restart Pods in the namespace:-

CODE 
kubectl get pod -n ef-external
root@efcx:~# k get pods -n ef-external
NAME                     READY   STATUS    RESTARTS       AGE
ef-amq-0                 1/1     Running   1 (122m ago)   7h31m
ef-postgresql-0          0/1     Unknown   0              34h
keycloak-0               0/1     Unknown   0              34h
minio-84cfcdbd48-8n6g2   0/1     Unknown   0              34h
mongo-mongodb-0          0/1     Unknown   0              34h
redis-master-0           0/1     Unknown   0              34h
CODE 
kubectl delete pod -n ef-external ef-postgresql-0
root@efcx:~# k delete pod -n ef-external ef-postgresql-0
pod "ef-postgresql-0" deleted

Pods will now be using the updated secrets.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close