Authenticating with K8S service account works - but only eventually after backing off over 10 minutes

In the vault-agent-init it can take up to a good 10 minutes to authenticate with a k8s service account to my external vault server.

After backing off with permission denied several times, it eventually works:


2022-11-11T17:00:18.035Z [INFO]  auth.handler: authenticating
2022-11-11T17:00:18.146Z [ERROR] auth.handler: error authenticating:
  | Error making API request.
  | Namespace: foo/dev/
  | URL: PUT
  | Code: 403. Errors:
  | * permission denied

2022-11-11T17:04:46.208Z [INFO]  auth.handler: authenticating
2022-11-11T17:04:46.372Z [INFO]  auth.handler: authentication successful, sending token to sinks
2022-11-11T17:04:46.372Z [INFO]  auth.handler: starting renewal process
2022-11-11T17:04:46.373Z [INFO]  sink.file: token written: path=/home/vault/.vault-token
2022-11-11T17:04:46.373Z [INFO]  sink.server: sink server stopped
2022-11-11T17:04:46.373Z [INFO]  sinks finished, exiting
2022-11-11T17:04:46.373Z [INFO]  template.server: template server received new token

Can anyone explain this unusual behaviour? This happens consistently.