I found this post: Nomad unable to get vault token but from what I can see, I did everything the poster did in their “working” setup. I’ve modified my setup slightly, but not really functionally.
I moved the vault stanza to the task section
I renamed the mount point ‘secret,’ so my secret input is now:
vault kv put secret/db/config user=blah pass=blah
My policy, which is added to vault using the name ‘db’ is:
path "secret/db/*" {
capabilities = ["read"]
}
The vault stanza in my task is:
vault {
policies = ["db"]
change_mode = "signal"
change_signal = "SIGUSR1"
}
I would be very appreciative of any tips. This is my last hurdle to get my Proof of Concept cluster up and going. 