Hashicorp Vault - List Roles using the REST API
by
Jeremy Canfield |
Updated: July 18 2024
| Hashicorp Vault articles
This assumes the following has already been done.
- Hashicorp Vault has been installed
- Hashicorp Vault has been initialized
- Hashicorp Vault has been unsealed
- You have logged into the vault
Policies list what can and cannot be done. For example, to allow or not allow a user to create a secret.
A role contains one or more policies. Let's say you have enabled approle.
- Enable approle authentication using REST API
- Enable approle authentication using the vault auth enable command
A LIST request to the /v1/auth/approle/role endpoint (this article) can be used to list the roles you have created.
When you initialized the vault a root token should have been returned, something like hvs.vND8VRSjt7pM7YvkIqECbAZY. The root token can be used in the LIST requests.
curl --header "X-Vault-Token: hvs.vND8VRSjt7pM7YvkIqECbAZY" --request LIST --url http://vault.example.com:8200/v1/auth/approle/role
Something like this should be returned.
{
"request_id": "a0067c32-b1a6-a14d-30fe-f76b2f118eeb",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"keys": [
"my-role"
]
},
"wrap_info": null,
"warnings": null,
"auth": null
}
Did you find this article helpful?
If so, consider buying me a coffee over at 