Vault credential brokering with boundary

When I am trying to authorize a session using boundary targets authorize-session command. It results to following output.

Credentials:
Credential Store ID: csvlt_hkWBaLx2dc
Credential Source ID: clvlt_iSFVerk2Qs
Credential Source Type: vault
Credential Source Name: ec2
Secret:
null

So, my question is why does the secret part appears to be null , since I had provided the username n password in vault secret , that I had created manually

What does your Vault credential store and credential library configuration look like? What’s the vault secret type and how do you have it formatted in Vault?

This is the vault credential store and credential library configuration.
Credential Store information:
Created Time: Wed, 18 May 2022 10:48:01 IST
ID: csvlt_4lWBv8Wke7
Name: ec2-user
Type: vault
Updated Time: Wed, 18 May 2022 10:48:01 IST
Version: 1

Scope:
ID: p_1234567890
Name: Generated project scope
Parent Scope ID: o_1234567890
Type: project

Authorized Actions:
no-op
read
update
delete

Authorized Actions on Credential Store’s Collections:
credential-libraries:
create
list

Attributes:
Address: https://XXXXXXXXXXXX.com
Token HMAC: R4a1iSMvHk06S6a0be-tnOlw8vAZtpZV9dxXvMtC40Q

Credential Library information:
Created Time: Wed, 18 May 2022 10:57:58 IST
Credential Store ID: csvlt_4lWBv8Wke7
ID: clvlt_BMMtIfDIr8
Name: ec2
Type: vault
Updated Time: Wed, 18 May 2022 10:57:58 IST
Version: 1

Scope:
ID: p_1234567890
Name: Generated project scope
Parent Scope ID: o_1234567890
Type: project

Authorized Actions:
no-op
read
update
delete

Attributes:
HTTP Method: GET
Path: secret/ec2

Had created vault secret from the GUI console inside the secrets providing the username and password

Is that the default K/V v2 secret mount in a dev instance of Vault? If so, try creating a K/V v1 secret mount and storing the username/password in a secret there and using that as your credential endpoint.

Integrating vault with boundary credential store , inorder to login into aws ec2 instance,
but have to statically provide the credential inorder to login into ec2.

./boundary connect ssh -target-id ttcp_1234567890 -addr=http://XXXXXXXXXXX -username hello
Credentials:
Credential Source ID: clvlt_jnEOdYQyew
Credential Source Name: new ec2
Credential Store ID: csvlt_4lWBv8Wke7
Credential Store Type: vault
Secret:
null
hello@hst_1234567890’s password:

It is not taking the vault secret created in vault ,basically which it should
So is there any alternative to login into AWS resources through credential provided in vault .
the documentation has the analyst role able to connect postgres db without providing the credential.
boundary connect postgres -target-id ttcp_1r9XGCXdwE -dbname northwind

So is there the similar approach for logging into ec2 instance.