Difference between revisions of "Sops --decrypt"

From wikieduonline
Jump to navigation Jump to search
Line 3: Line 3:
 
  [[--decrypt]], [[-d]]  
 
  [[--decrypt]], [[-d]]  
 
  [[sops --decrypt --in-place]]
 
  [[sops --decrypt --in-place]]
 +
 +
sops -d contrib/helm/efi/secrets_prod.yaml > /tmp/decrypted_secrets_prod.yaml
 +
Failed to get the data key required to decrypt the SOPS file.
 +
 +
Group 0: FAILED
 +
  projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key: FAILED
 +
    - | Error decrypting key: googleapi: Error 403: Permission
 +
      | 'cloudkms.cryptoKeyVersions.useToDecrypt' denied on resource
 +
      | 'projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key'
 +
      | (or it may not exist)., forbidden
 +
 +
Recovery [[failed because no master key was able to decrypt the file]]. In
 +
order for SOPS to recover the file, at least one key has to be successful,
 +
but none were.
  
  

Revision as of 08:55, 30 June 2022

--decrypt, -d 
sops --decrypt --in-place

sops -d contrib/helm/efi/secrets_prod.yaml > /tmp/decrypted_secrets_prod.yaml
Failed to get the data key required to decrypt the SOPS file.

Group 0: FAILED
  projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key: FAILED
    - | Error decrypting key: googleapi: Error 403: Permission
      | 'cloudkms.cryptoKeyVersions.useToDecrypt' denied on resource
      | 'projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key'
      | (or it may not exist)., forbidden

Recovery failed because no master key was able to decrypt the file. In
order for SOPS to recover the file, at least one key has to be successful,
but none were.


Related

See also

Retrieved from "https://www.wikieduonline.com/index.php?title=Sops_--decrypt&oldid=153424"

Advertising: