Looks like you have ACLs enabled on your Consul cluster and either you don’t have a token set for the Consul CLI or the token you are using isn’t authorized to query keyrings.
You should have a token with a policy of
keyring = read for you to successfully query keyring in an ACL enabled cluster (ref: Keyring - Operator - HTTP API | Consul by HashiCorp)
Once you have the token created with the necessary policy, you can pass it to the command line as shown below, or alternatively set
CONSUL_HTTP_TOKEN environment variable:
$ consul keyring -list -token <token-uuid>
NOTE: You could also use the master token for this if you have access to it.