DEVHIDE
Login Or Sign up

unable to load secrets from vault when spring.cloud.vault.config.lifecycle.enabled is set to false

1.4k Views Asked by At

I am using spring cloud starter vault config of version 2.2.5.RELEASE for connecting to my secured vault server which is working on approle authentication mechanism, i observed that if i setup value to false for property spring.cloud.vault.config.lifecycle.enabled spring is unable to load secrets from vault its failing with below error:

17:27:05.823 DEBUG [ main] o.s.v.a.AppRoleAuthentication - - Login successful using AppRole authentication
17:27:06.121 WARN [ main] o.s.c.v.config.VaultConfigTemplate - - Could not locate PropertySource: Status 403 Forbidden [/*/local]: 1 error occurred:
* permission denied

below is my bootstrap.properties configuration:
#Project Details
info.app.name = ****
info.app.version = @project.version@

spring.application.name = ***

logging.level.org.springframework.vault = TRACE

spring.cloud.vault.app-role.auth-path=approle
spring.cloud.vault.app-role.role-id=****
spring.cloud.vault.app-role.secret-id=****
spring.cloud.vault.authentication=APPROLE
spring.cloud.vault.generic.application-name=****
spring.cloud.vault.generic.backend=***
spring.cloud.vault.generic.enabled=false
spring.cloud.vault.host=****
spring.cloud.vault.kv.application-name=****
spring.cloud.vault.kv.backend=****
spring.cloud.vault.kv.enabled=true
spring.cloud.vault.kv.profile-separator=/
spring.cloud.vault.port=8200
spring.cloud.vault.scheme=https
spring.cloud.vault.ssl.trust-store=*****.jks
spring.cloud.vault.ssl.trust-store-password=***
management.health.vault.enabled = false
spring.cloud.vault.config.lifecycle.enabled=false


Note if spring.cloud.vault.config.lifecycle.enabled is set to true then it is able to load secrets from vault. my goal for setting this property is to load secrets from vault only during application startup time and reduce further secret renew calls to vault once application is started.

below are the sequence of requests to vault when property is set to true

https://:/v1/sys/internal/ui/mounts///local

https://:/v1/auth/approle/login

https://:/v1//data//local

https://:/v1/sys/internal/ui/mounts//

https://:/v1//data/

below are requests to vault when property is set to false https://:/v1///local

spring-cloud spring-cloud-config hashicorp-vault spring-vault spring-cloud-vault-config
Original Q&A
0

There are 0 best solutions below

Related Questions in SPRING-CLOUD

Related Questions in SPRING-CLOUD-CONFIG

Related Questions in HASHICORP-VAULT

Related Questions in SPRING-VAULT

Related Questions in SPRING-CLOUD-VAULT-CONFIG

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.