I’m trying to use CSI Driver for vault to use vault secrets in GKE. I have followed the documentation here with an external vault. But Im getting the below error.
* claim "iss" is invalid
When disable the issuer validation it works perfectly. So I tried following values for the jwt issuer while configuring the kubernetes authentication, nothing worked.
- “kubernetes/serviceaccount” (This is the value if I decode the token)
- https://container.googleapis.com/v1/projects//zones//clusters/<cluster_name> (Im using zonal location type)
Anyone advice would be really appreciated.