Branch: master
Find file History
Latest commit a670b89 Jan 30, 2019

npm version Known Vulnerabilities docker hub

Kamus CLI

This cli was created to provide an easy interface to interact with Kamus API.

It supports azure device flow authentication out of the box.

To install, use the following NPM command:

npm install -g @soluto-asurion/kamus-cli

Alternatively, you can use docker to run the CLI (for example, to run it inside the cluster when the encryptor is deployed without ingress):

docker run -it --rm soluto/kamus-cli encrypt <arguments>

Or, using kubectl:

kubectl run -it --rm --restart=Never kamus-cli --image=soluto/kamus-cli -- encrypt <arguments>

Supported commands:


kamus-cli encrypt --secret <data> --service-account <serviceAccount> --namespace <namespace> --kamus-url <kamus-url>

How to enable azure active directory authentication

You need working active directory tenant and designated native app registration, Then just set all the auth prefixed options. Once the user will run the cli with the auth options, he will get a small code and and azure URL to login into.

CLI options:
Option Required Description Default Value
--auth-tenant false azure authentication tenant id
--auth-application false azure authentication application id
--auth-resource false azure authentication resource id
--cert-fingerprint false certificate fingerprint of encrypt api for validation
--kamus-url true url of kamus encrypt api
--allow-insecure-url false allow or block non https endpoints false
--log-level <debug|verbose|info|warn|error|fatal> false specify global logger level
--log-flag <[no-](date|inline|colorful)> false the prefix no- represent negation. date: whether to print date. default value is false. inline: each log record output in one line. default value is false. colorful: whether to print with colors. default value is true.
--log-output false specify the output path (default behavior is output directory to stdout).
--log-encoding false specify the log file's encoding.
--secret or --secret-file true the secret to encrypt, or the file containing it