bash-4.4# vault token lookup -tls-skip-verify -accessor HBHoY1DLWf0o6moTLYhFdA8Y
Key Value
--- -----
accessor HBHoY1DLWf0o6moTLYhFdA8Y
creation_time 1604473771
creation_ttl 24h
display_name kubernetes-sec-sip-tls-service-account
entity_id e1d180c3-4140-8f64-6aff-38a7b863375b
expire_time <nil>
explicit_max_ttl 0s
id n/a
issue_time 2020-11-04T07:09:31.407508153Z
last_renewal 2020-12-06T07:09:31.428385336Z
last_renewal_time 1607238571
meta map[role:sec-sip-tls-sub-ca-role service_account_name:sec-sip-tls-service-account service_account_namespace:cc service_account_secret_name:sec-sip-tls-service-account-token-2lz4c service_account_uid:1dffb1c9-1419-463f-a458-a47dbd7aadc0]
num_uses 0
orphan true
path auth/kubernetes/login
policies [default sec-sip-tls-sub-ca-policy]
renewable false
ttl 0s
type service
we got an accessor with TTL=0 and renewable false. Try to revoke-accessor throught api interface, we got error “HTTP 400, token not found”.
any idea? how to remove it?
vault version 1.4.2