I have two Vault environments, PROD and UAT.
They are deployed in an EKS cluster with a Helm chart.
Vault version: 1.4.2
Backend is DynamoDB.
All configuration is managed by Terraform, so I have an exact copy for UAT and PROD.
Before onboarding users to Vault I will create entities and aliases with their email (I will create the email in lowercase, ex
But email can be
And everything worked fine until recently.
Now in PROD, when users try to log in with OIDC, it will create a new entity and alias; the alias will be case-sensitive.
In this case I have a pre-created alias
email@example.com but it will create a new one
However, this is happening only in the PROD env; the UAT env works fine (in UAT it maps the user to the pre-created email, all lowercase).
I didn’t do any updates. The only thing that I found was a Vault container restart.
My guess is that DynamoDB has some temp values that need to be cleaned?
I installed Vault with Helm and applied the same config with Terraform, and everything works fine (I'm not able to reproduce).
But I need to fix the PROD env.
Any ideas on this?