Skip to main content

Reference

Object

Add an object

Adds an object to a collection.

pvault object add --fields=value [ --ttl=value ] [ --no-ttl ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --fields: The object details in JSON format. To use a file path prefix with '@' or to use stdin use '-'.[Required]
  • --ttl: Time to live (TTL) for the object. If not set, default TTL is used.(Optional)
  • --no-ttl: The object doesn't expire.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Update an object

Updates an object of a collection.

pvault object update --id=value --fields=value [ --ttl=value ] [ --no-ttl ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --id: The ID of the object to update.[Required]
  • --fields: The object details in JSON format. To use a file path prefix with '@' or to use stdin use '-'.[Required]
  • --ttl: Time to live (TTL) for the object. If not set, TTL is not changed.(Optional)
  • --no-ttl: The object doesn't expire.(Optional)
  • --deleted: Returns only deleted objects.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get objects

Gets details of objects in a collection.

pvault object get --id=value [ --props=value ] [ --all-unsafe ] [ --show-builtins ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --id: A comma-delimited list of objects IDs.[Required]
  • --props: Comma-delimited list of property names and transformations to return.(Optional)
  • --all-unsafe: Returns all properties of the object.(Optional)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --deleted: Returns only deleted objects.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Search objects

Returns a paginated list of objects in a collection by query.

pvault object query [ --match=value ] [ --match-json=value ] [ --props=value ] [ --all-unsafe ] [ --cursor=value ] [ --page-size=100 ] [ --show-builtins ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --match: Equal sign delimiter for property name and searched value in the form of property=value. Accepts multiple inputs. (Optional)
  • --match-json: The query in JSON format. To use a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --props: Comma-delimited list of property names and transformations to return.(Optional)
  • --all-unsafe: Returns all properties for the object.(Optional)
  • --cursor: The cursor returned by the previous call or an empty string for the first call.(Optional)
  • --page-size: The maximum number of items to be returned in the call.(Default: 100)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --deleted: Returns only deleted objects.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

List all objects

Returns a paginated list of all objects from a collection with all or a subset of object property values.

pvault object list [ --props=value ] [ --all-unsafe ] [ --cursor=value ] [ --page-size=100 ] [ --show-builtins ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --props: Comma-delimited list of property names and transformations to return.(Optional)
  • --all-unsafe: Returns all properties for the object.(Optional)
  • --cursor: Reference to the next page for a subsequent call with the same request parameters. An empty string for the first call.(Optional)
  • --page-size: The maximum number of items to return in the call.(Default: 100)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --deleted: Returns only deleted objects.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Delete an object

Deletes an object from a collection.

pvault object delete --id=value [ --hard-delete ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --id: The ID of the object to delete.[Required]
  • --hard-delete: Whether to hard delete the object.(Optional)
  • --deleted: Whether to remove only deleted objects. Requires --hard-delete to be specified.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Token

Tokenize

Creates tokens that reference the values of objects' properties. The returned list of token IDs is in the same order as the object IDs in the request. If any of the object IDs are invalid or not found, no tokens are produced.

pvault token create --object-id=value --props=value --type=value [ --non-reversible ] [ --ttl=value ] [ --no-ttl ] [ --scope=default ] [ --tag=value ] [ --reusable-token-id ] [ --fptemplate=value ] [ --fpprops=value ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --object-id: Comma-separated list of object IDs. Accepts multiple inputs. [Required]
  • --props: Comma-separated list of property names. Accepts multiple inputs. [Required]
  • --type: The type of the tokens. Options: VALUE, POINTER[Required]
  • --non-reversible: Whether tne tokens are reversible.(Optional)
  • --ttl: Time to live (TTL) for the tokens. If not set, default TTL is used.(Optional)
  • --no-ttl: The tokens don't expire.(Optional)
  • --scope: A classification for the tokens.(Default: default)
  • --tag: Comma-separated list of tags to attach to the tokens. Accepts multiple inputs. (Optional)
  • --reusable-token-id: Whether to reuse token IDs.
    • If the combination of object ID, property values, and scope are not represented in a token whose ID can be reused, creates a new token and indicates that its ID can be reused.
    • If the combination of object ID, property values, and scope are represented in a token whose ID can be reused, returns the reusable token's ID.
    Applies only to VALUE tokens.(Optional)
  • --fptemplate: Format preserve template to use to generate the token IDs.(Optional)
  • --fpprops: Property names to be used by the format preserve template to generate the token IDs. Accepts multiple inputs. (Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Detokenize

Returns the object property values for tokens. The detokenized tokens are those that match all the criteria in --token-id or -t, --object-id, and --tag.

pvault token detokenize [ --token-id | -t=value ] [ --object-id=value ] [ --tag=value ] [ --deleted ] [ --include-metadata ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --token-id, -t: Comma-separated list of token IDs. Accepts multiple inputs. (Optional)
  • --object-id: Comma-separated list of object IDs that own the tokens. Accepts multiple inputs. (Optional)
  • --tag: Comma-separated list of tags. Accepts multiple inputs. (Optional)
  • --deleted: Whether to detokenize deleted tokens.(Optional)
  • --include-metadata: Whether to include the metadata of the token.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Search tokens

Gets tokens with their metadata. The listed tokens are those that match all the criteria in --token-id or -t, --object-id, and --tag.

pvault token info [ --token-id | -t=value ] [ --object-id=value ] [ --tag=value ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --token-id, -t: Comma-separated list of token IDs. Accepts multiple inputs. (Optional)
  • --object-id: Comma-separated list of object IDs that own the tokens. Accepts multiple inputs. (Optional)
  • --tag: Comma-separated list of tags. Accepts multiple inputs. (Optional)
  • --deleted: Whether to return only deleted tokens.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Update tokens

Updates tags and expiration token metadata. The tokens updated are those that match all the criteria in --token-id or -t, --object-id, and --tag.

pvault token update [ --token-id | -t=value ] [ --object-id=value ] [ --tag=value ] [ --new-tags=value ] [ --ttl=value ] [ --no-ttl ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --token-id, -t: Comma-separated list of token IDs. Accepts multiple inputs. (Optional)
  • --object-id: Comma-separated list of object IDs that own the tokens. Accepts multiple inputs. (Optional)
  • --tag: Comma-separated list of tags. Accepts multiple inputs. (Optional)
  • --new-tags: Comma-separated list of tags. Accepts multiple inputs. (Optional)
  • --ttl: Time to live (TTL) for the tokens. If not set, the expiry dates of the tokens are not changed.(Optional)
  • --no-ttl: The tokens don't expire.(Optional)
  • --deleted: Whether to update only deleted tokens.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Rotate tokens

Generates new token IDs for tokens. The tokens rotated are those that match all the criteria in --token-id or -t, --object-id, and --tag.

pvault token rotate { --token-id | -t=value } [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --token-id, -t: Comma-separated list of token IDs. Accepts multiple inputs. [Required]
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Delete tokens

Deletes tokens. The tokens deleted are those that match all the criteria in --token-id or -t, --object-id, and --tag.

pvault token delete [ --token-id | -t=value ] [ --object-id=value ] [ --tag=value ] [ --hard-delete ] [ --deleted ] [ --reload-cache ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --token-id, -t: Comma-separated list of token IDs. Accepts multiple inputs. (Optional)
  • --object-id: Comma-separated list of object IDs that own the tokens. Accepts multiple inputs. (Optional)
  • --tag: Comma-separated list of tags. Accepts multiple inputs. (Optional)
  • --hard-delete: Whether to hard delete the tokens.(Optional)
  • --deleted: Whether to remove only deleted tokens. Requires --hard-delete to be specified.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Collection

List collections

Lists all collections.

The default table output lists the collection names and their corresponding types, creation time, and last modification time. To obtain details of the collection and its properties, use the JSON or PVSchema flags.

pvault collection list [ --show-builtins ] [ --pvschema ] [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --pvschema: Returns the collections list in the PVSchema format.(Optional)
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get collection

Gets a collection and its properties.

The default response to this command is a PVSchema for the collection.

pvault collection get [ --pvschema ] [ --show-builtins ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --pvschema: Returns the collection details in PVSchema format.(Optional)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Add collection

Adds a collection.

The collection can be defined using a specification in JSON or PVSchema format. A template can also be used, with or without test data.

pvault collection add [ --collection-json=value ] [ --collection-pvschema=value ] [ --pvschema ] [ --show-builtins ] [ --collection-template=value ] [ --add-test-data ] [ --collection=COLLECTION ] [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --collection-json: The collection details to add in JSON format. To read from a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --collection-pvschema: The collection details to add in PVSchema format. To read from a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --pvschema: Returns the collection in PVSchema format.(Optional)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --collection-template: The collection template to use. This template provides example properties and can be combined with --add-test-data to add example data to the collection. Supported values are: persons and credit_card.(Optional)
  • --add-test-data: Adds example data to the collection. Can only be used with --collection-template.(Optional)
  • --collection: [Global] The COLLECTION name.(Optional)
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Update collection

Adds properties to a collection.

The default response to this command is a PVSchema for the properties added.

pvault collection update [ --collection-json=value ] [ --collection-pvschema=value ] [ --pvschema ] [ --show-builtins ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --collection-json: The collection details to update in JSON format. To read from a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --collection-pvschema: The collection details to update in PVSchema format. To read from a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --pvschema: Returns the collection in PVSchema format.(Optional)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Apply collection

Adds properties a collection or creates a new collection if the collection is not found.

The default response to this command is a PVSchema for the collections and properties added.

pvault collection apply [ --collection-json=value ] [ --collection-pvschema=value ] [ --pvschema ] [ --show-builtins ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --collection-json: The collection details to apply in JSON format. To read from a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --collection-pvschema: The collection details to apply in PVSchema format. To read from a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --pvschema: Returns the collection in PVSchema format.(Optional)
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Delete collection

Deletes a collection.

pvault collection delete [ --force | -f ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --force, -f: Ignores interactive protection.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Collection // Property

List collection properties

Lists all the properties of a collection.

pvault collection property list [ --show-builtins ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --show-builtins: Shows the built-in properties in the response.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get collection property

Gets a property of a collection.

pvault collection property get --name=value --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: The property name.[Required]
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Add collection property

Adds a property to a collection.

pvault collection property add [ --prop=value ] [ --name=value ] [ --description=value ] [ --pii-type-name=value ] [ --is-unique ] [ --is-index ] [ --is-not-encrypted ] [ --is-nullable ] --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --prop: The property to add in JSON format. Must be provided if --name isn't provided. See the Add collection property REST API for the specification of the JSON format. To use a file path prefix with '@' or to use stdin use '-'.(Optional)
  • --name: The property name. Must be unique. Must be provided if --prop isn't provided. (Optional)
  • --description: The property description.(Optional)
  • --pii-type-name: The property PII type name. Must be provided if --name is provided.(Optional)
  • --is-unique: Whether the property value is unique on each object.(Optional)
  • --is-index: Whether the property should be indexed.(Optional)
  • --is-not-encrypted: Whether the property is not encrypted.(Optional)
  • --is-nullable: Whether the property is nullable. When the collection contains objects, only nullable properties can be added to the collection.(Optional)
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Delete collection property

Deletes a property from a collection.

Any values stored against the property in objects are also deleted. This operation is irreversible.

pvault collection property delete --name=value --collection=COLLECTION [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: The property name.[Required]
  • --collection: [Global] The COLLECTION name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Transformation

List all transformations

Gets all transformations in a collection.

pvault transformation list [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Identity And Access Management

Get IAM configuration

Gets IAM configuration in TOML format.

pvault iam get [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Set IAM configuration

Sets the IAM configuration.

pvault iam apply --conf=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --conf: The configuration to apply in TOML format. To use a file path prefix with '@' or to use stdin use '-'.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Regenerate user API key

Regenerates a user's API key. The user's current key is invalidated.

pvault iam regen-api-key --name=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: Username of the user to regenerate the API key for.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get user capabilities and policies

Gets the capabilities and policies for a user.

pvault iam user-view --name=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: user name.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get resource access details

Gets details of the users and associated reasons that can access a resource for an operation.

pvault iam resource-view --resource=value --operation=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --resource: resource.[Required]
  • --operation: operation.[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Dynamic Configuration

Get configuration variable

Get the value of a dynamic configuration variable.

pvault confvar get --name=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: Name of the configuration variable. Supported names: log_level[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Set configuration variable

Set the value of a dynamic configuration variable.

pvault confvar set --name=value --value=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: Name of the configuration variable. Supported names: log_level[Required]
  • --value: Value of the configuration variable. Supported values for log_level are: debug, info, warn, error[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Clear configuration variable

Clear the value of a dynamic configuration variable.

pvault confvar clear --name=value [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --name: Name of the configuration variable. Supported names: log_level[Required]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Clear all configuration variables

Clear the values of all dynamic configuration variables.

pvault confvar clear-all [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Version

Get the version of the Vault.

pvault version [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Status

Get system status.

pvault status [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Selftest

Run a performance suite

Run a performance benchmarking suite using a separate database collection. The given parameters control how the benchmarking suite is performed.

pvault selftest bench [ --par=1 ] [ --rate=0 ] [ --scale=1000 ] [ --duration=0 ] [ --middle-stage-duration=0 ] [ --read=0 ] [ --update=0 ] [ --token=0 ] [ --replace=0 ] [ --query=0 ] [ --sleep=0 ] [ --persisted=value ] [ --skip-recreate ] [ --html-output=value ] [ --term-output ] [ --columns=10 ] [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --par: Goroutine parallelism - how many requests to perform in parallel(Default: 1)
  • --rate: Optimistic target RPS. 0 to set no limit and request as fast as possible.(Default: 0)
  • --scale: Scale multiple - control the total amount of work and dataset size(Default: 1000)
  • --duration: Minimum duration in minutes in which to repeated run the benchmark, 0 - for a single execution(Default: 0)
  • --middle-stage-duration: Number of seconds for the middle stage where random operations are done (0 = no middle stage)(Default: 0)
  • --read: Weight reads in the middle stage(Default: 0)
  • --update: Weight updates in the middle stage(Default: 0)
  • --token: Weight tokens in the middle stage(Default: 0)
  • --replace: Weight replace in the middle stage(Default: 0)
  • --query: Weight query in the middle stage(Default: 0)
  • --sleep: Duration of seconds to sleep between executions(Default: 0)
  • --persisted: Provide a shadow database to the bench. By providing this file, the final 'Delete' stage is replaced the save of the UUIDs of the created objects. If the file already exist, the initial 'Add' stage is replaced with the loading of the UUIDs from the file.(Optional)
  • --skip-recreate: Skip recreation of the test collection and assume it already exists.(Optional)
  • --html-output: Issue an HTML report to this path(Optional)
  • --term-output: Show term graphics depicting operations(Optional)
  • --columns: Control the number of properties in the schema(Default: 10)
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Quick validation for a working Vault

pvault selftest basic [ --fail-on-warnings | -w ] [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --fail-on-warnings, -w: Fail on check warnings(Optional)
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Admin

Rotate data encryption keys

pvault admin rotate-keys [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get system configuration

pvault admin get-configuration [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Get license details

pvault admin get-license [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

Purge objects and tokens

Permanently deletes objects and tokens that have expired or been deleted, where the expiry or deletion is before the grace period. By default, deletes objects and tokens.

pvault admin gc [ --objects-only ] [ --tokens-only ] [ --dry-run ] [ --force | -f ] [ --quiet ] [ --reload-cache ] [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --objects-only: Permanently delete only objects.(Optional)
  • --tokens-only: Permanently delete only tokens.(Optional)
  • --dry-run: Return a count of objects and tokens available for permanent deletion without permanently deleting them.(Optional)
  • --force, -f: Ignore interactive protection.(Optional)
  • --quiet: Suppress the printing of output. Can only be included when the --force flag is set.(Optional)
  • --reload-cache: Forces a cache reload.(Optional)
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)

System

Get cluster information on cache generations

pvault system cluster-info [ --addr=URL ] [ --json | -j ] [ --compact | -c ] [ --insecure | -k ] [ --reason=REASON ] [ --authtoken=TOKEN ] [ --log-level=LOG_LEVEL ]
  • --addr: [Global] The URL of the Piiano Vault implementation.(Default: http://localhost:8123)
  • --json, -j: [Global] Where JSON is used in the command, returns the output in JSON format.(Optional)
  • --compact, -c: [Global] When used with the --json flag, the JSON output is compact.(Optional)
  • --insecure, -k: [Global] Skip TLS certificate verification.(Optional)
  • --reason: [Global] The REASON for accessing Piiano Vault, using one of these codes: AppFunctionality, Analytics, Notifications, ThirdPartyMarketing, Marketing, FraudPreventionSecurityAndCompliance, AccountManagement, DataSubjectRequest, Maintenance, and Other.(Default: Maintenance)
  • --authtoken: [Global] The authorization TOKEN that is passed in the header of each request.(Default: pvaultauth)
  • --log-level: [Global] The LOG_LEVEL of the log recorded by this transaction. The allowed values are debug, info, warn, and error.(Default: info)