Questions tagged [vault]

VAULT QUESTIONS MUST BE DEVELOPER-RELATED. Vault is an open-source platform designed to store secrets securely. Questions about configuring Vault should be asked on https://serverfault.com. Not to be confused with [ansible-vault].

300 questions
5
votes
1 answer

Error making API request when using Vault secrets

I am following this tutorial but I don't know why I am getting these permissions errors when I run some vault commands vault kv put secret/hello foo=world Error making API request. URL: GET…
iker lasaga
4
votes
1 answer

Is it possible not to use `in memory` storage for Vault in dev mode?

I use this Vault docker image for my local test environment. But it stores all secrets in memory only. Therefore, if I restart my computer then all my test secrets disappear and I have to recreate them manually each time. How can I solve the…
Andrey Bushman
3
votes
1 answer

Failed to create and edit tables in Supabase, "Failed to create pg.columns:..."

I have failed to create or edit tables in Supabase. It is showing an error message "Failed to create pg.columns: must be the owner of event trigger pgsodium_trg_mask_update". I think it has something to do with the launch of supabase vault, but I…
Charles Kasasira
3
votes
2 answers

Using Vault UI to get secrets

I have the following policies: path "/kv/dev/*" { capabilities = ["read","list", "update"] } path "/kv/data/dev/*" { capabilities = ["read","list", "update"] } Using the CLI I am able to use the following command to get the secrets: vault kv…
39fredy
3
votes
0 answers

"secret not found" reported by ExternalSecret

I have been struggling with this issue for the past 2 days and I'm stuck. I'm using External Secrets Operator to obtain secrets from Vault: https://external-secrets.io/ It seems ExternalSecret is not creating the secret. This is my yaml…
3
votes
1 answer

minio kes and Hashicorp vault using docker-compose

I want to use KES and Hashicorp vault to encrypt files in minio. Without using docker, I managed to encrypt files using these servers. My problem is that I want to run KES as a docker container using docker-compose. When I run the kes container…
Zahra Vahidi
3
votes
1 answer

Custom path for Hashicorp Vault Kubernetes Auth Method does not work using CLI

When I enable kubernetes auth method at default path (-path=kubernetes) it works. However, if it is enabled at custom path, the vault init and sidecar containers don't start. kubernetes auth method enable at auth/prod vault auth enable -path=prod/…
gauravkr19
3
votes
1 answer

How to provide Vault secrets for a Flink application custom resource in Kubernetes

I would like to provide secrets from a Hashicorp Vault for the Apache Flink jobs running in a Kubernetes cluster. These credits will be used to access a state-backend for checkpointing and savepoints. The state-backend could be for example Minio S3…
Kubus
3
votes
2 answers

Vault sidecar injector permission denied only for vault enterprise

I am trying to explore vault enterprise but getting permission denied for sidecar when I use the vault enterprise but seems to work fine when I tried to use local vault server. Here is the repository that contains a working example with the local…
Adiii
3
votes
2 answers

Detect when a secret changes in Hashicorp Vault

I'm totally new to Vault and what I want is to detect when a secret changes and execute some code in response. I've been googling for resources about how to do that but haven't found anything useful. From what I've read and learnt, I think the only…
beni0888
3
votes
1 answer

Unable to login to Vault via CLI

When I try to log in to Vault using the CLI: vault login ${MY_SUPER_SECRET_TOKEN} I get the error: Error authenticating: empty response from lookup-self I am able to log in via the UI using a Token or OIDC. vault read auth/token/lookup-self looks…
dev_ab
3
votes
2 answers

vault (hashicorp) add new policy to existing users/tokens

I created a user with a policy: $ vault token create -renewable -policy=admin_policy Key Value --- ----- token s.kG0Kdb8d2DSOUHv3AMzw5tdO token_accessor …
Dmitriy Gr
3
votes
1 answer

How to add vault (Hashicorp) entity to an existing group via CLI

I have several entities (users) in vault implementation. These entities have alphanumeric ids. I also have a group called ops. This group also has an alphanumeric id. I have looked at the Hashicorp's documentation…
Mamun
3
votes
2 answers

hashicorp Vault : " Error initializing listener of type tcp: error loading TLS cert " Where is my mistake?

I try to run Vault with docker-compose on a virtual machine, Ubuntu 20.04 (IP: 192.168.56.9). Without HTTPS, it already works fine, but when I try to put Vault on HTTPS with a self-signed certificate from openssl, it doesn't work. Here my…
Drakka24
2
votes
1 answer

Policy to allow user to view secrets at 1 sub-tree but not others in hashicorp vault

I have a secrets engine in vault called "root" with 3 subtrees of "apps", "ops" & "test". I'm trying to create an ACL policy that will allow specific users to only see a certain subtree. I have a sample policy set for "apps" users to only see their…
Probius