Unable to login using aws auth: missing client token

I’m trying to set up a new Vault server with the AWS auth backend and have been following along with the documentation. After setting up my first role, I tried logging in from an EC2 instance, but end up with the following:

$ vault login -method=aws role=dev-role-iam
Error authenticating: Error making API request.

URL: PUT https://my-vault-server:8200/v1/auth/aws/login
Code: 400. Errors:

* missing client token

I’m not sure why it’s asking for a token; I’m trying to obtain a token in the first place. Unfortunately, adding log_level=trace doesn’t show anything else.

I’m using Vault 1.8.2.

I’ve not been able to find anything else on this, so if anyone has any pointers, I’d greatly appreciate it.


Ugh, sorry… I realized I hadn’t properly set VAULT_NAMESPACE in the environment. Once that was present, things worked properly.