Trouble deleting a mistake host entry

Okay, so I managed to try adding a host entry and ended up adding it twice, but now can’t delete the wrong one. It shows owned by admin. And was loaded into the root policy (yeah, I know. But playing in test.).
So, tried loading a delete policy:

  • !delete
    record: !host Account_name:host:my_host

conjur list shows it as:

Web interface shows the host as owned by admin

Any pointers on deleting welcomed. Have a feeling I’ll be needing to get good at it, eh.

Hi Barry:

Yeah, there is definitely variety in the way host identities are represented.

your policy should read:

- !delete
  record: !host my_host

Hope all is well.


1 Like

Jody, doing okay here, other than painting myself into corners, eh.

Tried that form for the policy and the command:
conjur policy load root policy/0005b_host.yml
since that’s what I used to load it initially, and got the error:
No such file or directory
Do I need the --delete flag as well when I load the policy?

Probably should add that I also used the FQDN for the host name, so it has periods in it:
Yeah. Should have looked at the right documentation section, and not tried to do in middle of a meeting…

Yes, you do need to use the --delete flag when loading a delete policy. Whatever you do, don’t use --replace though. It’ll nuke everything. The periods shouldn’t matter. Spaces can be escaped with \ or quoting the whole string with double quotes.

1 Like

Jody, as always, thanks!

That did it.
Now, to just create the host the right way, eh. :]