Scope of credential store since version 0.10.x

Hi, I have been using boundary for a couple of months now.
Migrations during upgrade to version 0.10.x remove associations between targets and credential libraries that are not in the same project scope.
I have one vault that I use as my credential store. I’m using managed groups to give people permissions to different projects in boundary so I would like to keep mu projects separate but I can’t use the same vault to create credential stores in all projects (address must be unique) nor I can continue to use credential store in one project.
My question is, what am I doing wrong?
Did I misunderstood something in boundary domain model?
Do I need to maintain separate vault for each project in boundary?
If I upgrade to vault enterprise and use namespaces, does it count as a unique address to create multiple credential stores from one vault?

Hi kobejn-jb,

The address for a Vault credential store does not have to be unique. Only However, the Vault token for each credential store must be unique. So you can create one (or more) Vault credential stores in each project as long as you give each of them a different Vault token. I hope this helps!.


Hi, thank you.
That helps a lot, I was convinced that it’s address that’s needs to be unique.
I’m not sure if this is a terraform provider issue but this message does not specify what field must be unique :slightly_smiling_face:

Error: error creating credential store: {"kind":"InvalidArgument", "message":"Invalid request.  Request attempted to make second resource with the same field value that must be unique."}