Is auth/aws/role/* visible in the UI?

I don’t see auth/aws/role/* in the UI anywhere. Just wondering if I’m looking in the wrong place or if it’s just not supported right now.

Not available, but you can always generate a token by using the CLI first, then log in to Vault with it.

That’s strange, I’m able to see it. When I download the present version of Vault, run it with the UI turned on, and enable the AWS auth engine, I can immediately create a role through the UI. I can also read and edit it.

It may be that the Vault policies that have been applied to you don’t grant you access to that path in Vault.

Can you share a screenshot where you’re seeing this? I just downloaded v1.3.2 and started the dev server and still can’t find where to mess with roles.
To be clear, I’m looking to do

in the UI, e.g.

$ vault write auth/aws/role/dev-role-iam auth_type=iam \
    bound_iam_principal_arn=arn:aws:iam::123456789012:role/MyRole \
    policies=prod,dev max_ttl=500h

Oh, whoops, this was my mistake. 🙂

When I made that statement, I was looking at the AWS secrets engine. I stand corrected! I confirm that it is not available in the UI.

Ah, oh well. Maybe some day. Thanks anyway!
