Skip to content
Documentation

metalcloud-cli secret update

Update an existing secret

Synopsis

Section titled “Synopsis”

Update an existing secret with new configuration.

This command updates an existing secret identified by its ID. The updated configuration must be provided through a JSON file or piped input.

Arguments: secret_id Numeric ID of the secret to update (required)

Required Flags: —config-source Source of the secret configuration updates (required) Can be either ‘pipe’ for stdin input or a path to a JSON file

The configuration file can contain any combination of updateable fields: name (string) The secret name (optional) value (string) The secret value to encrypt (optional) usage (string) The usage type (optional)

Available usage types:

  • credential: For storing passwords, API keys, tokens
  • configuration: For storing configuration values
  • certificate: For storing SSL/TLS certificates
  • ssh_key: For storing SSH keys

Examples:

Update a secret from JSON file

Section titled “Update a secret from JSON file”

metalcloud-cli secret update 123 —config-source ./updated-secret.json

Update secret name and value from stdin

Section titled “Update secret name and value from stdin”

echo ’{“name”:“new-api-key”,“value”:“sk-0987654321”}’ | metalcloud-cli secret update 456 —config-source pipe

Update only the usage type

Section titled “Update only the usage type”

metalcloud-cli secret update 789 —config-source ./usage-update.json

Example JSON configuration for update: { “name”: “updated-database-password”, “value”: “new-super-secret-password”, “usage”: “credential” }

metalcloud-cli secret update secret_id [flags]

Options

Section titled “Options”
      --config-source string   Source of the secret configuration updates. Can be 'pipe' or path to a JSON file.
  -h, --help                   help for update

Options inherited from parent commands

Section titled “Options inherited from parent commands”
  -k, --api_key string         MetalCloud API key
  -c, --config string          Config file path
  -d, --debug                  Set to enable debug logging
  -e, --endpoint string        MetalCloud API endpoint
  -f, --format string          Output format. Supported values are 'text','csv','md','json','yaml'. (default "text")
  -i, --insecure_skip_verify   Set to allow insecure transport
  -l, --log_file string        Log file path
  -v, --verbosity string       Log level verbosity (default "INFO")

SEE ALSO

Section titled “SEE ALSO”

Auto generated by spf13/cobra on 11-Aug-2025

Section titled “Auto generated by spf13/cobra on 11-Aug-2025”