[solved] "version" parameter not recognized when enabling kv mount through API

Vault
1

I’m trying to create a new KV v2 mount using the API endpoint /sys/mounts/:path, as described in the documentation, by means of a Python3 script. Vault version is 1.6.3.

The problem is that Vault’s API doesn’t recognize the “version” config key for the “options” field.

Here’s the code snippet:

import pprint
import requests 

headers = {
    'X-Vault-Token': '[redacted]'
}

config = {
  'type': 'kv',
  'options': {
      'version': '2'
  }
}

request_url = 'http://localhost:8200/v1/sys/mounts/newmount'

pprint(config)
request = requests.post(request_url, headers=headers, data=config)

And the output I get:

$ python3 create-mount.py 
{'options': {'version': '2'}, 'type': 'kv'}
500
{'errors': ['1 error occurred:\n'
            '\t* error converting input version for field "options": invalid '
            'key pair "version"\n'
            '\n']}

Even if the config object is set like this:

    config = {
      'type': 'kv-v2',
      'options': {
          'version': '2'
      }
    }

… I get the same error as above. What does work is:

    config = {
      'type': 'kv-v2',
    }

So if we have the types kv and kv-v2 and the value key for options is not recognized by the API, shouldn’t this information be removed from the documentation?

  • options (map<string|string>: nil) - Specifies mount type specific options that are passed to the backend.

Key/Value (KV)

  • version (string: "1") - The version of the KV to mount. Set to “2” for mount KV v2.
2

I was going to open an issue right away but thought it was better to discuss the matter here before doing so.

3

Working example. Might be you have 2 quoted.

{
    "type": "kv",
    "config": {},
    "options": {
        "version": 2
    }
}
4

I tried again with your values

config = {
    "type": "kv",
    "config": {},
    "options": {
        "version": 2
    }
}

Still get

{'errors': ['1 error occurred:\n'
        '\t* error converting input version for field "options": invalid '
        'key pair "version"\n'
        '\n']}

Also tried with "version": "2", same error.

I used the quotes because the documentation defines the field as a string.

5

The top beginning bracket got cut off in the paste. I fixed that if it wasn’t obvious.

I’d recommend trying it in Postman against your server and verifying that works as a starting point.

6

Found out what’s wrong.

When making a request using Python’s requests library the values in the data parameter are converted to form-encoding. Meaning that this config object

config = {
    "type": "kv",
    "config": {},
    "options": {
        "version": "2"
    }
}

gets converted to type=kv&options=version URL parameters. Found this out with:

response = requests.post(request_url, headers=headers, data=config)
print(response.request.body)

Output:
type=kv&options=version
{‘errors’: [‘1 error occurred:\n’
'\t* error converting input version for field “options”: invalid ’
‘key pair “version”\n’
‘\n’]}

So I changed the request to use the json parameter:

response = requests.post(request_url, headers=headers, json=config)
print(response.request.body)

And got a successful request:
b'{"type": "kv", "config": {}, "options": {"version": "2"}}'