Error making API request when using Vault secrets

About

Asked 2/11, 2021 at 13:0 Answered 8/11, 2021 at 12:28

I am following this tutorial but I don't know why I am getting these permissions errors when I run some vault commands

  vault kv put secret/hello foo=world
    Error making API request.
    
    URL: GET http://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/hello
    Code: 403. Errors:
    
    * permission denied

For further info...

vault status
Key             Value
---             -----
Seal Type       shamir
Initialized     true
Sealed          false
Total Shares    1
Threshold       1
Version         1.8.4
Storage Type    inmem
Cluster Name    vault-cluster-fc4492f9
Cluster ID      87956902-532d-dcfd-5e9a-9f1d36207ef4
HA Enabled      false

And the version of my the vault package

vault --version
Vault v1.8.4 (925bc650ad1d997e84fbb832f302a6bfe0105bbb)

I have already exported the Token and the address, so I have no clue what to do next to solve the issue. Can anyone help me out? Thanks in advance.

UPDATES

From the UI I do have access to http://127.0.0.1:8200/ui/vault/ but still having the same issue from the CLI. I even tried vault auth login but nothing changes.

Polytheism answered 2/11, 2021 at 13:0 Comment(5)

How did you export the token, and what OS are you on? Try it again, it looks like it did not work. – Oospore 8/11, 2021 at 7:47

I'm using Ubuntu 20 and I took the token printed by the console when you use vault server -dev "Root Token" – Polytheism 8/11, 2021 at 10:51

The command I use for exporting the token is export VAULT_DEV_ROOT_TOKEN_ID=s.l6Rb88CZvfgsKxKOxDNh1ONC But I also tried with export VAULT_TOKEN=s.l6Rb88CZvfgsKxKOxDNh1ONC – Polytheism 8/11, 2021 at 11:1

As the tutorial you linked to shows, you need to surround the token with quotes: export VAULT_TOKEN="s...". Did you do that? – Oospore 8/11, 2021 at 11:55

hey, I feel so dumb now, it was that, the quotes with VAULT_TOKEN. Add the answer and I will upvote it. Thanks man – Polytheism 8/11, 2021 at 12:26

You must use quotes around the token when exporting it:

export VAULT_TOKEN="s..."

Reference in the tutorial.

Descombes answered 8/11, 2021 at 12:28 Comment(4)

I had a env variable with VAULT_TOKEN with old value causing the problem. After updating the env variable VAULT_TOKEN its working fine... Thank you – Feeder 22/3, 2022 at 9:14

Actually you don't need to use quotes. – Engvall 25/1 at 15:23

@Engvall - in /bin/sh you do. In other shells, it doesn't hurt. I assume that's why the Vault docs show using quotes, to ensure maximum portability. If you want to share why you think it isn't necessary you might help future visitors more than just downvoting will. – Oospore 26/1 at 5:48

If the OP is on Ubuntu 20, I assume they are using bash. – Engvall 26/1 at 17:36

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

UPDATES

Recommended topics

Hot tags