Cannot read policy 'root'


When I list vault policies, I get two things:

root@vault-0:~# vault policy list

When I try to read the root policy, it says:

root@vault-0:~# vault policy read root
No policy named: root

I’m probably not understanding this correctly, but what is the reason for this?

The root policy is special, and implemented entirely in code - the policy itself is a zero-length string, and the CLI seems to erroneously report this as not existing.

1 Like