Is it possible to list all roles stored in a vault backend? I can't seem to find any reference on how to do so.
From the documentation, it seems possible to list a role given the role name, through auth/approle/role/my-role, for example, but I don't see any references on how to list all roles stored in a vault server.
hashiCupsRoleEntry defines a role entry for a specific user based on username and user ID. It also stores the dynamically generated token for the target API. Vault needs the role entry to include a time to live (TTL) and maximum TTL. Note: Your role entry should always have attributes for TTL and MaxTTL.
To retrieve the RoleID, invoke the auth/approle/role/<ROLE_NAME>/role-id endpoint. To generate a new SecretID, invoke the auth/approle/role/<ROLE_NAME>/secret-id endpoint. Now, you need to fetch the RoleID and SecretID of a role.
EDIT
I would recommend viewing roles through the CLI. Viewing roles through the UI seems to show all roles instead of those assigned to a given auth method.
Viewing roles using the UI
Viewing roles using the CLI
Roles are listed under Authentication Methods in Vault. You can view which authentication methods you have enabled (or enable new ones) by visiting the UI and clicking on the "Access" tab at the top.
From there you can list roles using the following command:
vault list auth/{auth_method}/role
Where {auth_method} is one of the enabled authentication methods listed in the "Access" tab.
For example, if you enabled the kubernetes auth method, you would list roles associated with this method by running the following:
vault list auth/kubernetes/role
It depends on which auth method you created; based on the auth method, you can list roles.
Example:
# vault list auth/aws/roles
# vault read auth/aws/role/role-name
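Both answers list roles one auth mount at a time. The script below is an added example, not code from the answers or from the Vault project: it enumerates the enabled auth mounts and builds the list path for each, so roles on every mount can be reviewed in one pass. It assumes a vault CLI that is already logged in with permission to read the auth mounts and list each one; the sample JSON and the mount name k8s-prod are constructed.

```python
import json
import shutil
import subprocess

# Constructed sample of `vault auth list -format=json` output (not from a real server).
SAMPLE_AUTH_LIST = """
{
  "approle/":  {"type": "approle",    "accessor": "auth_approle_00000000"},
  "aws/":      {"type": "aws",        "accessor": "auth_aws_00000000"},
  "k8s-prod/": {"type": "kubernetes", "accessor": "auth_kubernetes_00000000"}
}
"""

# List suffix per auth type. "roles" for aws is taken from the second answer;
# falling back to "role" for every other type is an assumption based on the first.
LIST_SUFFIX = {"aws": "roles"}


def role_list_paths(auth_list_json):
    """Map each auth mount to the path `vault list` should target.

    The path is built from the mount name, not the type: a kubernetes
    method mounted at k8s-prod/ is listed at auth/k8s-prod/role.
    """
    mounts = json.loads(auth_list_json)
    return {
        mount: "auth/" + mount.strip("/") + "/" + LIST_SUFFIX.get(info["type"], "role")
        for mount, info in sorted(mounts.items())
    }


def list_roles(path):
    """Return role names at path, or None if the listing failed.

    None covers: no roles stored, a method without roles, or permission denied.
    """
    proc = subprocess.run(["vault", "list", "-format=json", path],
                          capture_output=True, text=True)
    if proc.returncode != 0 or not proc.stdout.strip():
        return None
    return json.loads(proc.stdout)


if __name__ == "__main__":
    if shutil.which("vault"):
        out = subprocess.run(["vault", "auth", "list", "-format=json"],
                             capture_output=True, text=True, check=True).stdout
        for mount, path in role_list_paths(out).items():
            print(mount, path, list_roles(path))
    else:  # no CLI available: show the paths derived from the constructed sample
        for mount, path in role_list_paths(SAMPLE_AUTH_LIST).items():
            print("vault list", path)
```

A mount that prints None should be checked by hand, since a denied listing and an empty one look the same here.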