Hi,
I’m using vault 1.6.1. When I visit the api explorer (ui/vault/api-explorer) with my root token, I see the categories “auth”, “secrets”, “identity” and “system”.
I have created an “admin” user with a quite extensive set of policies, default policies are attached as well. With this I can access the endpoints beneath “auth/” just fine (for example LIST on “auth/approle/role”), however the category “auth” is completely missing form the api explorer. I don’t know whether this is a bug or a problem with my policies.
# Manage auth methods broadly across Vault
path "auth/*"
{
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
}
# Create, update, and delete auth methods
path "sys/auth/*"
{
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
}
# List auth methods
path "sys/auth"
{
capabilities = ["read", "create", "update", "delete", "sudo"]
}
# List existing policies
path "sys/policies/acl"
{
capabilities = ["list"]
}
# Create and manage ACL policies
path "sys/policies/acl/*"
{
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
}
# Manage secrets engines
path "sys/mounts/*"
{
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
}
# ...
# some mount-path-specific policies
# ...
# List existing secrets engines.
path "sys/mounts"
{
capabilities = ["read"]
}
# Read health checks
path "sys/health"
{
capabilities = ["read", "sudo"]
}
Thanks for any hints!
Cheers
Raimar