I am just trying out the new Event feature in Vault, but I am running into some problems.
Here is the current state:
- Vault deployed on Cloud Run
- Vault version 1.15.4
- Using GCP Bucket as the storage solution
- Typescript websocket running locally
- The websocket connection is successful
On the Vault debug log side, I get the following messages:
- 2024-01-15T19:12:53.830Z [DEBUG] core.events-subscribe: Got request to: url="/v1/sys/events/subscribe/kv-v2/*" version=HTTP/1.1
- 2024-01-15T19:12:53.831Z [DEBUG] core.events-subscribe: WebSocket is subscribed to messages: namespaces=[""] event_types="kv-v2/*" bexpr_filter="""
On the WebSocket client side, I receive the “open” event and recurrent “ping” events.
Custom policies are set as:
path "sys/events/subscribe/*" {
  capabilities = ["read"]
}
path "secrets/*" {
  capabilities = ["list", "read", "subscribe"]
  subscribe_event_types = ["*"]
}
path "kv/*" {
  capabilities = ["list", "read", "subscribe"]
  subscribe_event_types = ["*"]
}
However, the following command doesn’t trigger an event:
vault kv put -mount=kv fooe abc=2323
Any idea why the event isn’t triggered?
Thanks
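
A local check of which events the `kv-v2/*` subscription and the policy shown above would cover, as an added example that is not part of the original post and is not Vault's own matching code. It assumes a simplified glob model in which `*` matches any run of characters; `globMatch`, `wouldDeliver` and the sample event paths are hypothetical and constructed, and the post does not say whether the `kv` mount is KV v1 or v2.

```typescript
// Added example: simplified local model, not Vault's implementation.
// Assumption: "*" in an event-type pattern or policy path matches any characters.
function globMatch(pattern: string, value: string): boolean {
  const escaped = pattern
    .split("*")
    .map((part) => part.replace(/[.+?^${}()|[\]\\]/g, "\\$&"))
    .join(".*");
  return new RegExp(`^${escaped}$`).test(value);
}

interface PolicyRule {
  path: string;
  capabilities: string[];
  subscribeEventTypes: string[];
}

// Rules copied from the policy in the post.
const rules: PolicyRule[] = [
  { path: "secrets/*", capabilities: ["list", "read", "subscribe"], subscribeEventTypes: ["*"] },
  { path: "kv/*", capabilities: ["list", "read", "subscribe"], subscribeEventTypes: ["*"] },
];

interface Verdict {
  matchesSubscription: boolean;
  allowedByPolicy: boolean;
  delivered: boolean;
}

// Would an event of `eventType` on `dataPath` reach a client subscribed to `subscription`?
function wouldDeliver(subscription: string, eventType: string, dataPath: string): Verdict {
  const matchesSubscription = globMatch(subscription, eventType);
  const allowedByPolicy = rules.some(
    (r) =>
      r.capabilities.includes("subscribe") &&
      globMatch(r.path, dataPath) &&
      r.subscribeEventTypes.some((t) => globMatch(t, eventType)),
  );
  return { matchesSubscription, allowedByPolicy, delivered: matchesSubscription && allowedByPolicy };
}

// Constructed samples: the same write as emitted by a KV v2 mount and by a KV v1 mount.
const samples: Array<[string, string]> = [
  ["kv-v2/data-write", "kv/data/fooe"],
  ["kv-v1/write", "kv/fooe"],
];
for (const [eventType, dataPath] of samples) {
  console.log(eventType, dataPath, wouldDeliver("kv-v2/*", eventType, dataPath));
}
```

Running `vault secrets list -detailed` shows the mount's version in its options, which tells you which of the two sample rows applies.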