Part of my work at the moment is configuring Vault to work in a private OKE cluster in Oracle Cloud.
We are able to deploy Vault into AWS EKS and connect it to PostgreSQL to store configuration, but I am finding it a challenge to deploy Vault using Oracle Cloud buckets as the medium of storing configuration.
I have seen the following page https://www.vaultproject.io/docs/configuration/storage/oci-object-storage but consistently receive the following error:
Error initializing storage of type oci: failed creating NewObjectStorageClientWithConfigurationProvider: can not create client, bad configuration: did not find a proper configuration for tenancy
I have run oci setup config and the ~/.oci/config file contains the necessaries; what further configuration is needed to get past this issue?
I’m afraid we need to dive a bit deeper into your tenancy configuration here. There are multiple potential causes for this, for example whether proper security policies and security lists are in place.
I’ll try the link you provided myself and come back to you. Will take some time though, won’t happen today.
Just a comment: The “best practice” would be using a service gateway, because then the traffic doesn’t traverse the internet. Which would make sense in this use case, it’s Vault data after all.
Make sure you choose the correct Route Table when creating the Service Gateway, in case you created your own tables.