Error initializing GCP CKMS wrapper client

I’m running vault on a kubernetes cluster with the below seal configuration

seal "gcpckms" {
        credentials = "/vault/userconfig/vault-serviceaccount/vault-serviceaccount.json"
        project     = "fake-project-name"
        region      = "global"
        key_ring    = "vault-auto-unseal"
        crypto_key  = "vault-auto-unseal"

Using GCP KMS to auto-unseal the vault, while I have this same configuration on 3 clusters it works on 2 and doesn’t work on the 3rd one and I can’t figure out what’s the issue. Vault pods are crashlooping and from logs I can see this

Error parsing Seal configuration: error initializing GCP CKMS wrapper client: failed to create KMS client: invalid character 'e' looking for beginning of value

e is the first character of a JSON object that is base64-encoded. I wonder if your

is erroneously base64-encoded?

Thanks @maxb , indeed it was wrongly encoded