Hashicorp Vault - List secrets using the vault kv command
by
Jeremy Canfield |
Updated: April 01 2024
| Hashicorp Vault articles
This assumes the following has already been done.
- Hashicorp Vault has been installed
- Hashicorp Vault has been initialized
- Hashicorp Vault has been unsealed
Let's say the secrets engine has been enabled with -path=secret/
~]# vault secrets enable -path=secret/ kv
Success! Enabled the kv secrets engine at: secret/
And let's say approle has been enabled and there is a role named "my-role" and contains a policy named "my-policy".
~]$ vault read auth/approle/role/my-role
Key Value
--- -----
policies [my-policy]
In this example, since the secrets engine has been enabled with -path=secret/ the policy path will need to begin with secret/
Let's say "my-policy" permits the following capabilities to "secret/my_path/*".
~]$ vault policy read my-policy
path "secret/my_path/*" {
capabilities = ["create", "delete", "list", "patch", "read", "update"]
}
The vault kv list command can be used to list the secrets that have been created. In this example, there are two secrets, one named "foo" and another named "bar".
~]# vault kv list secret/my_role/
Keys
----
foo
bar
Did you find this article helpful?
If so, consider buying me a coffee over at 