Hi,
I’ve setup a demo kubernetes cluster and installed vault via helm in HA mode.
I forward to the first instance:
kubectl --namespace vault port-forward vault-0 8200
Now I’m facing the issue, that the vault cli application allows me to login, but no command is working. If im using curl instead, everything works as expected.
❯ vault login --address=http://127.0.0.1:8200
Token (will be hidden):
WARNING! The VAULT_TOKEN environment variable is set! This takes precedence
over the value set by this command. To use the value set by this command,
unset the VAULT_TOKEN environment variable or set it to the token displayed
below.
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.
Key Value
--- -----
token s.Qfgt1c651gcWbwLKIHHZvPHu
token_accessor UkApROifWR9l4wJkPyUrfKCQ
token_duration ∞
token_renewable false
token_policies ["root"]
identity_policies []
policies ["root"]
❯ vault token lookup
Error looking up token: Error making API request.
URL: GET http://127.0.0.1:8200/v1/auth/token/lookup-self
Code: 403. Errors:
* permission denied
❯ curl -k -X GET -H 'X-Vault-Token:s.Qfgt1c651gcWbwLKIHHZvPHu' "http://127.0.0.1:8200/v1/auth/token/lookup-self"
{"request_id":"8d60d68e-903b-1e94-4549-1f728b0a3d11","lease_id":"","renewable":false,"lease_duration":0,"data":{"accessor":"UkApROifWR9l4wJkPyUrfKCQ","creation_time":1625031075,"creation_ttl":0,"display_name":"root","entity_id":"","expire_time":null,"explicit_max_ttl":0,"id":"s.Qfgt1c651gcWbwLKIHHZvPHu","meta":null,"num_uses":0,"orphan":true,"path":"auth/token/root","policies":["root"],"ttl":0,"type":"service"},"wrap_info":null,"warnings":null,"auth":null}