diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py
index 4906d7d14e..97103855c2 100644
--- a/awx/main/models/credential.py
+++ b/awx/main/models/credential.py
@@ -690,6 +690,7 @@ def vault(cls):
                 'secret': True,
                 'ask_at_runtime': True
             }],
+            'required': ['vault_password'],
         }
     )
 
diff --git a/awx/main/tests/functional/api/test_credential.py b/awx/main/tests/functional/api/test_credential.py
index ac9c1be960..201732a7b9 100644
--- a/awx/main/tests/functional/api/test_credential.py
+++ b/awx/main/tests/functional/api/test_credential.py
@@ -922,6 +922,25 @@ def test_vault_create_ok(post, organization, admin, version, params):
     assert decrypt_field(cred, 'vault_password') == 'some_password'
 
 
+@pytest.mark.django_db
+def test_vault_password_required(post, organization, admin):
+    vault = CredentialType.defaults['vault']()
+    vault.save()
+    response = post(
+        reverse('api:credential_list', kwargs={'version': 'v2'}),
+        {
+            'credential_type': vault.pk,
+            'organization': organization.id,
+            'name': 'Best credential ever',
+            'inputs': {}
+        },
+        admin
+    )
+    assert response.status_code == 400
+    assert response.data['inputs'] == {'vault_password': ['required for Vault']}
+    assert Credential.objects.count() == 0
+
+
 #
 # Net Credentials
 #