How do I edit an encrypted data bag?

I am using Chef 12.14.60. I am trying to edit an encrypted databag multiple times. I seem to only be able to edit it when I encrypt it with a secret. After that I get this error:

ERROR: Chef::Exceptions::ValidationFailed: Option data_bag's value {"encrypted_data"=>"pyVTbbahq1IW2syF24xzsAfSZdzOwVq1vZIlr2ssp9M=\n", "iv"=>"Sk/fVdGNnTti5EW6f5o3Ow==\n", "version"=>1, "cipher"=>"aes-256-cbc"} does not match regular expression /^[-[:alnum:]_]+$/

I run this to create the databag and item:

knife data bag create db123 foobar

I run this to encrypt the databag's item:

knife data bag edit db123 foobar --secret goodpassword

It works, and I see this in the output:

Encrypting data bag using provided secret.

I run this to try to edit the databag again:

knife data bag edit db123 foobar --secret goodpassword

But then I see this:

ERROR: Chef::Exceptions::ValidationFailed: Option data_bag's value {"encrypted_data"=>"4l9TyNv+987JfePFfMLdELVlDuia938kAnwrly9XW94=\n", "iv"=>"JZL76EtebsSXUeE1m5KT9w==\n", "version"=>1, "cipher"=>"aes-256-cbc"} does not match regular expression /^[-[:alnum:]_]+$/

I expect to be able to edit an encrypted data bag if I supply the correct password. How do I edit the foobar item in my db123 data bag again?

Did anyone ever answer this perfectly valid query? I have exactly the same and know there must be a solution surely.

I've never used --secret and the documentation is not very specific about what the "secret" can contain. But --secret-file has always worked for me.

Use this documentation to create your secret file and use it. Keep in mind you need to keep your secret file secure of course.
https://docs.chef.io/data_bags/#secret-keys

knife vault edit <vault_name> <vault_item> -m
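
The value printed in the error output above has the four fields of Chef's version 1 encrypted format (encrypted_data, iv, version, cipher). The Ruby below is an added example, not code from this thread or from Chef: it assumes the version 1 layout (AES key = SHA-256 of the secret, value wrapped under a "json_wrapper" key) and shows why every later edit needs the same secret that was used the first time. The function names and sample secrets are constructed.

```ruby
require 'openssl'
require 'json'

CIPHER = 'aes-256-cbc' # cipher named in the error output on this page

# Assumption: version 1 derives the AES key as SHA-256 of the shared secret.
def v1_key(secret)
  OpenSSL::Digest::SHA256.digest(secret)
end

# Encrypt one item value into the four-field hash seen in the error message.
def v1_encrypt(value, secret)
  cipher = OpenSSL::Cipher.new(CIPHER)
  cipher.encrypt
  cipher.key = v1_key(secret)
  iv = cipher.random_iv # fresh IV for every write
  plaintext = JSON.generate('json_wrapper' => value) # assumed wrapper key
  data = cipher.update(plaintext) + cipher.final
  { 'encrypted_data' => [data].pack('m'), 'iv' => [iv].pack('m'),
    'version' => 1, 'cipher' => CIPHER }
end

# Decrypt a version 1 value; returns nil when the secret does not fit.
def v1_decrypt(enc, secret)
  raise ArgumentError, 'not a version 1 value' unless enc['version'] == 1
  cipher = OpenSSL::Cipher.new(enc['cipher'])
  cipher.decrypt
  cipher.key = v1_key(secret)
  cipher.iv = enc['iv'].unpack1('m')
  json = cipher.update(enc['encrypted_data'].unpack1('m')) + cipher.final
  JSON.parse(json).fetch('json_wrapper')
rescue OpenSSL::Cipher::CipherError, JSON::ParserError, KeyError
  nil
end

# An edit is: decrypt with the secret, change the value, encrypt again.
def v1_edit(enc, secret)
  value = v1_decrypt(enc, secret)
  return nil if value.nil?
  v1_encrypt(yield(value), secret)
end

if __FILE__ == $PROGRAM_NAME
  item = v1_encrypt({ 'user' => 'app' }, 'constructed-secret')
  edited = v1_edit(item, 'constructed-secret') { |v| v.merge('port' => 5432) }
  p v1_decrypt(edited, 'constructed-secret')
  p v1_decrypt(edited, 'wrong-secret')
end
```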