As was noted in Sys/expire/id/auth/aws/login full of entries ...? - #2 by pcolmer, we’ve got a lot of AWS leases. I’ve tried using the script at Vault may not be removing expired tokens from Consul · Issue #1815 · hashicorp/vault · GitHub but I’m not getting anywhere fast.
I’ve also tried using
vault lease revoke -prefix auth/aws/login but I just get this error:
Error revoking leases with prefix auth/aws/login: context deadline exceeded
If I use the UI and navigate down to
/ui/vault/access/leases/list/auth/aws/login/, it says it is getting a 500 error back from Vault.