Hello @marthees!
There are a few different ways to connect Vault and Kubernetes together. You can either use kubernetes or jwt auth methods. The table below outlines some of the options for kubernetes auth. Since you are using an external Vault cluster, the first option will not work for you as it requires Vault to be deployed within the cluster.
In order to further diagnose your Vault authentication problems, which option are you trying to implement?
| Option | All tokens are short-lived | Can revoke tokens early | Other considerations |
|---|---|---|---|
| Use local token as reviewer JWT | Yes | Yes | Requires Vault (1.9.3+) to be deployed on the Kubernetes cluster |
| Use client JWT as reviewer JWT | Yes | Yes | Operational overhead |
| Use long-lived token as reviewer JWT | No | Yes | |
| Use JWT auth instead | Yes | No | |