Hello there, Im new to Vault and i ran into an issue. I have found a way to add 2 KV pairs into a secrets path. But when run
vault kv list secrets/path I only get this output
no value found at secrets/path. The weird this is when I run,
vault kv get -field=key1 secrets/path I get the correct value
The secrets path on every command was exactly the same.
This behaviour is how Vault works, although I agree it is pretty confusing.
The list operation on secrets/path returns things that are at secrets/path/…something… in the tree, i.e. inside secrets/path/.
But secrets/path itself is not included in this - it is not inside itself.
In this way, the Vault KV engine is not like the average computer filesystem.
Another way it is different is that in Vault KV, the same name can exist as a “file” and a “directory” at the same time.
Yet another way it is different is that “directories” don’t have any real existence of their own - you don’t create them, e.g. if you create “a/b/c”, then “a/” and “a/b/” just appear automatically. And if you then delete “a/b/c”, and there’s nothing else inside them, they will disappear again automatically too.
Hello there maxb, thank you so much for your reply. I sort of understand what youre saying right now. My question now is what can i do in order to get the list KV that i have stored?
Thank you once again.
If you’re asking, is there a way to list all secrets, no. You can use the API to walk down each “mount” and then each “path” until you reach a secret in turn. There is no “list all secrets” api.