5

I am following this tutorial but I don't know why I am getting these permissions errors when I run some vault commands

  vault kv put secret/hello foo=world
    Error making API request.
    
    URL: GET http://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/hello
    Code: 403. Errors:
    
    * permission denied

For further info...

vault status
Key             Value
---             -----
Seal Type       shamir
Initialized     true
Sealed          false
Total Shares    1
Threshold       1
Version         1.8.4
Storage Type    inmem
Cluster Name    vault-cluster-fc4492f9
Cluster ID      87956902-532d-dcfd-5e9a-9f1d36207ef4
HA Enabled      false

And the version of my the vault package

vault --version
Vault v1.8.4 (925bc650ad1d997e84fbb832f302a6bfe0105bbb)

I have already exported the Token and the address, so I have no clue what to do next to solve the issue. Can anyone help me out? Thanks in advance.

UPDATES

From the UI I do have access to http://127.0.0.1:8200/ui/vault/ but still having the same issue from the CLI. I even tried vault auth login but nothing changes.

iker lasaga
  • 330
  • 1
  • 3
  • 18
  • How did you export the token, and what OS are you on? Try it again, it looks like it did not work. – Don't Panic Nov 08 '21 at 07:47
  • I'm using Ubuntu 20 and I took the token printed by the console when you use vault server -dev "Root Token" – iker lasaga Nov 08 '21 at 10:51
  • The command I use for exporting the token is export VAULT_DEV_ROOT_TOKEN_ID=s.l6Rb88CZvfgsKxKOxDNh1ONC But I also tried with export VAULT_TOKEN=s.l6Rb88CZvfgsKxKOxDNh1ONC – iker lasaga Nov 08 '21 at 11:01
  • As [the tutorial you linked to shows](https://learn.hashicorp.com/tutorials/vault/getting-started-dev-server?in=vault/getting-started#starting-the-dev-server), you need to surround the token with quotes: `export VAULT_TOKEN="s..."`. Did you do that? – Don't Panic Nov 08 '21 at 11:55
  • 1
    hey, I feel so dumb now, it was that, the quotes with VAULT_TOKEN. Add the answer and I will upvote it. Thanks man – iker lasaga Nov 08 '21 at 12:26

1 Answers1

11

You must use quotes around the token when exporting it:

export VAULT_TOKEN="s..."

Reference in the tutorial.

Don't Panic
  • 13,965
  • 5
  • 32
  • 51
  • I had a env variable with VAULT_TOKEN with old value causing the problem. After updating the env variable VAULT_TOKEN its working fine... Thank you – Rajeshwar Mar 22 '22 at 09:14