Hi Team,
I am exploring the possibility of using Vault for rotating DB Creds.
Environment:
OS : Mac OS Big Sur version 11.6
***Docker version 20.10.8, build 3967b7d
Vault : 0.11 ==>Running on Centos Docker container with version 7.9.2009. Image centos:7.9.2009
Oracle Database Server: 12.2.0.1 ==> Running on Docker container.Image store/oracle/database-enterprise:12.2.0.1
Oracle Instant Client: 12.2
Vault Oracle Plugin: 0.1.3
To make containers talk to each other initially created a network vault-db-comm using the following command
docker network create vault-dm-comm --driver bridge
Then, launched oracle container using this network
docker run -d -p 1521:1521 --name oracledb1 --network vault-db-comm store/oracle/database-enterprise:12.2.0.1
Launched Centos OS container also with the same network and installed Vault in the manually
docker run -it -p 8200:8201 -p 8201:8201 --network vault-db-comm centos:7.9.2009
Installed python 3.6 in the same centos container and was able to connect to oracle but when i am providing the same connection string in vault for creating connection string getting the following error
vault write database/config/my-oracle-database plugin_name=“vault-plugin-database-oracle” allowed_roles=“*” \
connection_url='{{username}}/{{password}}@oracledb1:1521/ORCLPDB1.localdomain' \ username=‘..’ \ password=‘...’
Error writing data to database/config/my-oracle-database: Error making API request.
URL: PUT http://127.0.0.1:8200/v1/database/config/my-oracle-database
Code: 400. Errors:
Following is the output when i try to connect from python using the same
cx_Oracle.connect(user=‘…’, password=‘…’,dsn=“oracledb1:1521/ORCLPDB1.localdomain”, encoding=“UTF-8”)
<cx_Oracle.Connection to nithin@oracledb1:1521/ORCLPDB1.localdomain>
Do i need to specify oracle connection string differently for vault when i am running vault and oracle in different containers but on the same system.
Can anyone help me on this issue