354 questions
-1
votes
0
answers
22
views
Function app to sync key vaults across regions [closed]
I need a function app that will syncronize a key vault in west us 3 to a key vault in eastus. Im willing to pay. I'm deploying aks in westus3, east us will be our passive environment for aks, I know I ...
1
vote
0
answers
63
views
Can I store JSON object in Azure key vault? just like I would in DB, I'd want to store it using a POST route and also GET it
An encrypted license file which I'm storing as an JSON object in my DB.
I want to store it in azure key vault for security reasons.
Is it possible to store it in azure key vault using POST route and ...
- 1
0
votes
0
answers
70
views
Spring Boot Vault client connects to localhost instead of configured IP
I have a spring boot microservices demo. My vault instance is running in Docker in Google Cloud VM.
Dependency in config server pom.xml:
<dependency>
<groupId>org.springframework.cloud&...
-1
votes
2
answers
262
views
Python hvac implementation to retrieve secrets [closed]
I am working on a Python sample code for the first time. This is about how to retrieve secrets from Hashicorp Vault secrets manager API; hvac.client.secrets.kv.v2, my code is as follows:
# 1. Setup ...
- 1
0
votes
0
answers
60
views
how to retrieve secrets from jenkins to migrate them to vault hashicorp
I want to know how to use jenkins plugins to list all of ly jenkins credentails with SystemCredentialsProvider
I used :
def credsStore = jenkinsInstance.getExtensionList('com.cloudbees.plugins....
- 1
0
votes
1
answer
98
views
Setting environment variables in deployment from Vault secret
I have configured delivery of secrets from Valt to kubernetes cluster. configured via CSI with creation of SecretProviderClass. secret put in volume:
...
volumeMounts:
- name: secrets-store-...
- 23
0
votes
2
answers
207
views
When creating a container, the error "secret not found" appears [closed]
I'm trying to use Vault CSI Provider to get secrets and HCP Vault
Made the following policy and role on terraform:
resource "vault_policy" "n8n" {
name = "n8n"
...
0
votes
0
answers
109
views
Is it possible to grab a vault value in a Java unit test?
I have a java app that populates a class's member variables with values that are saved in vault by injecting an instance of the class into the service rather than explicitly calling the class's ...
- 867
2
votes
1
answer
100
views
Spring boot config server doesn't load properties from Vault
I have a problem with the Spring Boot Config Server.
Here is my pom.xml
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent<...
- 21
0
votes
2
answers
54
views
Unable to inject secrets from Vault in springboot application
application.yml:
spring:
application:
name: MyService
profiles:
active: dev
cloud:
vault:
enabled: true
namespace: ${VAULT_NAMESPACE}
uri: https://vault.my.org
...
- 818
0
votes
0
answers
144
views
issue with vault ui: oidc role not found
I am facing an issue on vault integrated with keycloak, when i a try to use a role to sign in it appears that there is a misbehavior / bug, the last character of the role id is missing in the payload
...
0
votes
1
answer
838
views
PEM certificate upload issue in Azure Key Vault
I am unable to upload a specific .pem certificate to Azure Key Vault. Error: "The specified PEM X.509 certificate content is in an unexpected format. Please check if certificate is in valid PEM ...
- 1
0
votes
0
answers
171
views
Vault cannot upload oidc discovery
I wanto to get secret Vault from my Gitlab CI, but I need before to enable jwt auth.
So I follow this documentation https://docs.gitlab.com/ee/ci/secrets/#configure-your-vault-server
vault auth enable ...
- 21
0
votes
0
answers
21
views
NPM build API Vault LIST fail
I am on an NPM application using Svelte and I am looking to develop a server-side API to list the available paths of my Vault HashiCorp instance. By making simple calls with fetch on the Vault REST ...
- 53
0
votes
2
answers
200
views
Azure Key Vault signing fails when signing BouncyCastle generated signed attributes of PDF document
We're trying to use Azure Key Value private key to sign BouncyCastle generated signed attributes (embeds PDF hashable content digest) for a PDF document to allow for PDF signing.
However, the signing ...
- 13
-1
votes
1
answer
140
views
extract ca chain that has multiple CA as list from vault using jq and format into single ca.crt file
I trying to generate certs uisng vault pki role. How can i create a single file called ca.crt from the wget command output.
$ wget --method=POST --header="X-Vault-Namespace: ns" --header=&...
- 583
0
votes
1
answer
330
views
What is the functionality of vault-agent-status annotation?
I have gone through documentation of hashicorp vault agent annotations and am not able to clearly understand the significance of vault-agent-status annotation?
Does it mean that if the value "...
- 2,592
0
votes
1
answer
548
views
Can't get secrets from Vault with Hashicorp in Java
I'm using Hashicorp plugin to get secrets from Vault but without success. I have looked through all similar questions here and also in Internet but still haven't solved my issue.
I copied code from ...
0
votes
1
answer
108
views
Extract Only Secret Values with EKS + Vault CSI Provider
I am using the Vault CSI Provider with EKS to load secrets stored in Vault KV into my deployment as a JSON file. Here are the relevant configurations:
SecretProviderClass configuration:
apiVersion: ...
- 309
1
vote
0
answers
98
views
Kubernetes Cronjob permissions issue
I have a Kubernetes CronJob for renewing vault tokens. And I am facing an error running this CronJob. This is the log from the pod:
Error from server (Forbidden): pods "vault-0" is forbidden:...
- 1,784
0
votes
1
answer
80
views
Vault access from Puppetserver always denied
Context
On my personal WSL I created a new token for our Vault instance with the appropriate policy and was able to retrieve secrets from there.
However, for some reason any attempt to use vault to ...
- 29
2
votes
1
answer
173
views
Kubernetes Authentication no re-create token
I can't configure spring.cloud.vault to re-authenticate the application when the token expire.
I use Kubernetes Authentication with service token, bun in the SessionManager class I find the batch ...
- 141
1
vote
1
answer
176
views
Environment variables concatenation issue with Vault agent-jnject in Kubernetes deployment
I would like your help to understand a scenario when using Vault's agent-inject in a deployment. Basically, I configured Vault in a Minikube cluster following this tutorial and then created the ...
- 767
1
vote
1
answer
111
views
Two different annotations in cronjob/pod
I have values.yaml cronjob.yaml files
values.yaml
annotiations1:
vault.hashicorp.com/agent-inject-secret:'value1'
vault.hashicorp.com/agent-inject-status:'value2'
annotiations2:
vault.hashicorp.com/...
- 11
-1
votes
2
answers
588
views
Exchange GCP access token for id token
I am using vault and the gcp engine to get access tokens for a service account (token based RoleSet). I am trying to use the received token to call a cloud function (with authentication). However ...
- 441