search

hashicorp / vault-plugin-secrets-alicloud

Dynamic secrets for Alibaba Cloud.
Mozilla Public License 2.0
1 stars 8 forks source link

BUG: wrong argument parsing when only one remote_policies is provided #37

Open andyzhang495 opened 4 years ago

andyzhang495 commented 4 years ago 
vault write alicloud/role/direct-mail remote_policies=name:AliyunDirectMailFullAccess,type:System
Error writing data to alicloud/role/direct-mail: Error making API request.

URL: PUT https://rubick.dev.wwrkr.cn:8200/v1/alicloud/role/direct-mail
Code: 500. Errors:

* 1 error occurred:
    * policy type is required in name:AliyunDirectMailFullAccess

However, the following command succeeded:

vault write alicloud/role/direct-mail remote_policies='name:AliyunDirectMailFullAccess,type:System' remote_policies='name:AliyunDirectMailReadOnlyAccess,type:System'
Success! Data written to: alicloud/role/direct-mail

I believe vault treats comma-separated string as a list. Take this line of code for example, in the first case, strPolicies equals to ["name:AliyunDirectMailFullAccess", "type:System"], which is not desired.

My Vault client version is:

Vault v1.1.3 ('9bc820f700f83a7c4bcab54c5323735a581b34eb')