Skip to content
You are reading Codefi Orchestrate development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.

Orchestrate Key Manager

Run options

Usage:
  orchestrate key-manager run [flags]

Flags:
  -h, --help                            help for run
      --key-manager-type string         Type of Key Manager Vault (one of ["hashicorp-vault" "azure-key-vault" "ukc-key-vault"])
                                        Environment variable: "KEY_MANAGER_TYPE" (default "hashicorp-vault")
      --metrics-modules strings         List of metrics modules to exposed by prometheus endpoint. Available metric modules are ["http" "tcp" "go" "process" "healthz"], to enable all use ENABLED or to disable all DISABLED.
                                        Environment variable: "METRICS_MODULES" (default [ENABLED])
      --rest-hostname string            Hostname to expose REST services
                                        Environment variable: "REST_HOSTNAME"
      --rest-port uint                  Port to expose REST services
                                        Environment variable: "REST_PORT" (default 8081)
      --vault-addr string               Hashicorp URL of the remote hashicorp vault
                                        Environment variable: "VAULT_ADDR" (default "https://127.0.0.1:8200")
      --vault-burst-limit int           Hashicorp query burst limit
                                        Environment variable: "VAULT_RATE_LIMIT"
      --vault-cacert string             Hashicorp CA certificate
                                        Environment variable: "VAULT_CACERT"
      --vault-capath string             Path toward the CA certificate
                                        Environment variable: "VAULT_CAPATH"
      --vault-client-cert string        Certificate of the client
                                        Environment variable: "VAULT_CLIENT_CERT"
      --vault-client-key string         Hashicorp client key
                                        Environment variable: "VAULT_CLIENT_KEY"
      --vault-client-timeout duration   Hashicorp clean timeout of the client
                                        Environment variable: "VAULT_CLIENT_TIMEOUT" (default 1m0s)
      --vault-max-retries int           Hashicorp max retry for a request
                                        Environment variable: "VAULT_MAX_RETRIES"
      --vault-mount-point string        Specifies the mount point used. Should not start with a //
                                        Environment variable: "VAULT_MOUNT_POINT"  (default "orchestrate")
      --vault-rate-limit float          Hashicorp query rate limit
                                        Environment variable: "VAULT_RATE_LIMIT"
      --vault-skip-verify               Hashicorp skip verification
                                        Environment variable: "VAULT_SKIP_VERIFY"
      --vault-tls-server-name string    Hashicorp TLS server name
                                        Environment variable: "VAULT_TLS_SERVER_NAME"
      --vault-token-file string         Specifies the token file path.
                                        Parameter ignored if the token has been passed by VAULT_TOKEN
                                        Environment variable: "VAULT_TOKEN_FILE"  (default "/vault/token/.vault-token"

Migration options

Usage:
  orchestrate key-manager migrate [command]

Available Commands:
  import-secrets              Import secrets store in old Hashicorp vault

Flags:
  -h, --help                  Help for migrat
ConsenSys has acquired Quorum from J.P. Morgan. Please read the FAQ.
Questions or feedback? You can obtain paid professional support by Consensys at orchestrate@consensys.net