Hello together,
I tried to follow the documentation about “Installing Boundary Without Generated Resources”.
The only difference here is that I use Vault as KMS (which is configured successfully, since everything works when I use generated resources).
Used Boundary version is 0.6.2
/etc/boundary.d/controller.hcl
kms "transit" {
purpose = "root"
address = "vault:8200"
token = "s.[...]"
disable_renewal = "False"
key_name = "root"
namespace = ""
mount_path = "boundary-transit/"
}
kms "transit" {
purpose = "worker-auth"
address = "vault:8200"
token = "s.[...]"
disable_renewal = "False"
key_name = "worker-auth"
namespace = ""
mount_path = "boundary-transit/"
}
kms "transit" {
purpose = "recovery"
address = "vault:8200"
token = "s.[...]"
disable_renewal = "False"
key_name = "recovery"
namespace = ""
mount_path = "boundary-transit/"
}
/tmp/recovery.hcl
kms "transit" {
purpose = "recovery"
address = "vault:8200"
token = "s.[...]"
disable_renewal = "False"
key_name = "recovery"
namespace = ""
mount_path = "boundary-transit/"
}
But if i run the command:
boundary scopes create -name 'org' -scope-id 'global' -skip-admin-role-creation -skip-default-role-creation -recovery-config=/tmp/recovery.hcl
It results into the following error message:
Error from controller when performing create on scope
Error information:
Kind: Unauthenticated
Message: Unauthenticated, or invalid token.
Status: 401
context: Error from controller when performing create on scope
I tried to find any hints in the documentation, but I did not find anything which helps me to get the error figured out.
Thank you guys already for helping me out ^^