I need help to know if my problem is solvable somehow.
I’m trying to integrate a vault into a boundary. Now I just have a K/V secret engine setup in vault, a token created for boundary and a policy that grant access to the desired user:password I want.
In boundary I setup a credential store successfully and a credential library with the correct path successfully.
In the desktop boundary app when I click on “connect” the credential doesn’t come the way I want to :
You can see that Key is data and metadata from the K/V secret engine instead of the Key/value I would like to see here.
Is that normal ? Did I miss something ?
Here’s the setup of the credential library with the path used and the vault full path :
I’m pretty sure I’ve done this in the past and it worked – is your k/v secret a k/v-v1 or k/v-v2 secret?
Seems like this could be a UI rendering bug, we recently added support for KV-v2, before this secrets would generally be in the format of
string: string. However, KV-v2 embedded the secret in a
data struct, and therefore does have two top level objects
This should definitely be displaying correctly on the CLI.
@fabien.bellay I can reproduce your issue, while we work on a fix you can always look at the
raw API output and then look at
secret.decoded.data to see the credential data stored within the Vault KV-v2 secret.
Hi there and thanks for using Boundary Desktop. Desktop currently supports credentials JSON up to one level deep. We realise that not all credential types will display fully, which is why Desktop can also display the raw API output. There is room for improvement here. Thanks for raising it.
Thanks for all the answers. I’ll wait for the fix then.
Do you have an eta to provide or some kind of roadmap for the boundary desktop ?
Facing this issue when trying to connect to boundary through vault
boundary connect ssh -target-id ttcp_1234567890
Error from controller when performing authorize-session action against given target
Message: targets.(Service).AuthorizeSession: vault.(Repository).Issue: vault.(client).get: vault: https//…com: external system issue: error #3014: Error
making API request.
Code: 403. Errors:
- 1 error occurred:
- permission denied
context: Error from controller when performing authorize-session action against given target
I replied to your other post about this, just letting you know here too.