Introduction
This article documents a workaround for a known defect in Vault version 1.12.0 where plugins are no longer listed the same as in prior versions. It's important to note that the plugins and their functionality are not affected by the defect, only their listing.
The defect is already in the Vault backlog and a fix is anticipated in a future release which will be highlighted here whenever that's made.
Update: A fix for this defect was released in Vault versions 1.12.3 and 1.13.0
Problem
Attempting to list available Vault plugins using vault plugin list
after upgrading to Vault 1.12.0 or 1.12.1 results in an error instead of the expected plugin list.
Prerequisites (if applicable)
- Vault OSS 1.12.0, 1.12.1 & 1.12.2
- Vault Enterprise 1.12.0, 1.12.1 & 1.12.2
- File Audit Device enabled
Cause
- Due to a known defect in Vault 1.12.0 1.12.1 & 1.12.2 the following error is displayed when attempting to list the available plugins while having an audit device of type file enabled:
Error listing available plugins: data from server response is empty
Solutions
The following commands can be used as a workaround in order to list the respective plugins:
-
Database plugins:
vault list sys/plugins/catalog/database
-
Auth methods:
vault list sys/plugins/catalog/auth
-
Secrets engines:
vault list sys/plugins/catalog/secret
- Alternatively, the file audit device can be disabled:
vault audit disable file
Outcome
Using the commands listed under the Solutions section list the plugins.
Additional Information
- Vault Documentation: Audit Devices
- Vault Documentation: Plugin System
- Article: Listing plugins causes [ERROR] audit: panic during logging