vault_write
Store encrypted secrets in HashiCorp Vault at specified paths using JSON data for secure credential management and configuration storage.
Instructions
Write a secret to Vault at the specified path
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | Yes | The path to write the secret to (e.g., 'secret/data/myapp') | |
| data | Yes | The secret data to write as a JSON object |
Implementation Reference
- src/index.ts:132-144 (handler)The execution handler for the 'vault_write' tool. It extracts 'path' and 'data' from the tool arguments, wraps 'data' in an object for KV v2 compatibility, writes to Vault using vaultClient.write, and returns the JSON-stringified result as text content.
case "vault_write": { const { path, data } = args as { path: string; data: Record<string, any> }; // For KV v2, wrap data in a data object const result = await vaultClient.write(path, { data }); return { content: [ { type: "text", text: JSON.stringify(result, null, 2), }, ], }; } - src/index.ts:48-61 (schema)Input schema for the 'vault_write' tool, defining required 'path' (string) and 'data' (object) properties.
inputSchema: { type: "object", properties: { path: { type: "string", description: "The path to write the secret to (e.g., 'secret/data/myapp')", }, data: { type: "object", description: "The secret data to write as a JSON object", }, }, required: ["path", "data"], }, - src/index.ts:45-62 (registration)Tool registration in the TOOLS array, including name, description, and input schema for 'vault_write'. This is returned by the ListTools handler.
{ name: "vault_write", description: "Write a secret to Vault at the specified path", inputSchema: { type: "object", properties: { path: { type: "string", description: "The path to write the secret to (e.g., 'secret/data/myapp')", }, data: { type: "object", description: "The secret data to write as a JSON object", }, }, required: ["path", "data"], }, },