How can I create a Cypher secret with a Variable?

Is there a cool (simple) way to create a Cypher secret as part of a provision workflow?


Could do it with a python script

Any other questions :slight_smile:

I only know hot ways

I don't know if you were hinting at something simpler than using the API? I had one that generated a password for Windows user and then replace that as the administrator password on the server
I also generate cypher a ton with the workflows for onboarding new tenants. But all of that utilizes the API and I'm curious if you were just looking for a simple variable that creates one?
Unsure if you can just do <%=cypher.put%> or something

yeah can just use a var to generate one

I was looking for a way to avoid API. I was hoping there was a command like cypher.create 
Chris Bunge It sound like you may already have what I want. I have an MSP who wants to give users the ability to built a windows server and automatically create a secure password for Admin and then set the password as part of the build and of course have that password stored somewhere.
I have all the moving parts. I can create the password in Cypher (manually at the moment) I can then read that and during post provision I have a PS script that updates the Admin Password. 
The bit I am missing is creating the cypher mountpoint using the instance name 

So if you want a password generated, you can do something like “<‘password/15/’ +>”

that would auto generate you a 15 char password for the instance. Note it’s a bit… overwhelming when you do this at scale since we don’t have rbac on Cypher

On the plus side we do finally have search 🙂

Rbac on cypher is coming through policy

You could probably generate a policy scoped to user or group tied to that cipher at provision time too.

Jeff Wheeler I see a cypher.write.  Can we also write cypher with that?

think so but wouldnt return, so use read and if it doesent exist it gets generated, as far as I can remember. looks like we need a docs update

read for password makes sense. Read for secret/ or something curious how I could supply a value

Ah, I mis read the docs, thanks Chris Bunge that seems to work 

oh I took it as value needed to be generated not passed