2 min read | by Jordi Prats
If we want to append a value to a list, using read we will see it like a regular value separated by spaces:
$ vault read -field=bound_iam_role_arn auth/aws-ec2/role/pet2cattle-role
[arn:aws:iam::111111111111:role/pet2cattle-role arn:aws:iam::222222222222:role/pet2cattle-role]
But the we cannot just copy and paste the value, otherwise we would be setting it as a single string
We will need to specify each value multiple times to create the list, appending the new value as follows:
$ vault write auth/aws-ec2/role/pet2cattle-role \
"bound_iam_role_arn=arn:aws:iam::111111111111:role/pet2cattle-role" \
"bound_iam_role_arn=arn:aws:iam::222222222222:role/pet2cattle-role" \
"bound_iam_role_arn=arn:aws:iam::333333333333:role/pet2cattle-role"
Success! Data written to: auth/aws-ec2/role/pet2cattle-role
If we repeat the vault read we will be able to see the list as a single string, yet it is actually a list:
$ vault read -field=bound_iam_role_arn auth/aws-ec2/role/pet2cattle-role
[arn:aws:iam::111111111111:role/pet2cattle-role arn:aws:iam::222222222222:role/pet2cattle-role arn:aws:iam::333333333333:role/pet2cattle-role]
If we try to set it as a string, the vault read will look exactly the same but it won't work as a list so we really need to be careful with this
Posted on 19/10/2021