#vault (2022-03)

vault Discussions related to Hashicorp Vault

2022-03-01

2022-03-24

Jonás Márquez avatar
Jonás Márquez
01:58:15 PM

Hello everyone! Is someone using Vault from Atlantis? I have Atlantis in a Docker container on an EC2 Instance in AWS, in the EC2 instance I have configured the Vault agent and mounted the vault-token in the Atlantis container, I am trying access Vault from Terraform with the Vault provider as follows:

Jonás Márquez avatar
Jonás Márquez
01:58:29 PM
provider "vault" {
  skip_tls_verify = true
  address = "https://<IP-ADDRESS>:8200/"
  token = "~/.vault-token"
}
Jonás Márquez avatar
Jonás Márquez
02:01:08 PM

but when I do the Pull Request it gives me the following error:

running "/usr/local/bin/terraform plan -input=false -refresh -out \"/home/atlantis/.atlantis/repos/TEST_PROYECT/test-atlantis-repo/44/default/default.tfplan\"" in "/home/atlantis/.atlantis/repos/TEST_PROJECT/test-atlantis-repo/44/default": exit status 1
╷
│ Error: Error making API request.
│ 
│ URL: GET https://<IP-ADDRESS>:8200/v1/auth/token/lookup-self
│ Code: 400. Errors:
│ 
│ * error performing token check: failed to look up namespace from the token: no namespace
│ 
│   with provider["registry.terraform.io/hashicorp/vault"],
│   on main.tf line 8, in provider "vault":
│    8: provider "vault" {
Zachary Loeber avatar
Zachary Loeber
07:34:06 PM

you should also be able to get rid of the address entirely if you have the VAULT_ADDR env var set

Jonás Márquez avatar
Jonás Márquez
02:02:15 PM

Namespaces are only used for Vault Enterprise and this is not the case, has anyone been able to implement it?

2022-03-25

Zachary Loeber avatar
Zachary Loeber
07:32:20 PM

You did not pass in the address as is right?

    keyboard_arrow_up