Exec Command

Execute arbitrary system calls and replaces templated environment variables with Keeper vault secrets

exec command

To perform magic environment variable substitution, use the ksm exec command.

Parameters:

System call or script to run with replaced environment variables

format: ksm exec -- <SYSTEM CALL OR SCRIPT>

Example Linux bash script

my_script.sh
#!/bin/bash

# Bash script that pulls Keeper secrets 

connect_db() {
  echo "Database Password:" $DB_PASSWORD
}

call_stripe() {
  echo "API Key:" $API_KEY
}

connect_db
call_stripe

Set a couple environment variables then execute the script:

Example Windows batch file

Example PowerShell script

Environment Variable Replacement

Environment variables must be templated so that the CLI can find and replace them correctly. For example:

See the Keeper Notation documentation for more information on notation query format and capabilities

Example Shell Script

Below is a Linux bash script example. Before an application is started or a command is run, any environment variables that start with keeper:// will be replaced with secret values from the vault. Make sure to replace XXXX with the Record UID of the secret.

Here's a simple bash script that prints the secrets to the console:

And here's the output from executing the bash script with ksm exec

PreviousSync CommandNextConfig Command

Last updated

Was this helpful?