When configuring secrets in AWS, the suggestive text for secret name uses slashes, so that it could be quite common that users have slashes in their secret names.
Suppose the secret name is john/secret in AWS and the key of the credential is john-key-auth. In apisix, the secret is referenced by key-auth as such:
Suppose the key-auth is enabled on a route. When requesting this route, you would receive 401 from APISIX and see the below error in the error log:
failed to fetch secret value: failed to retrtive data from aws secret manager: invalid status code 400, {"Message":"Secrets Manager can't find the specified
...
run_plugin(): key-auth exits with http status code 401, client: [192.168.65.1](http://192.168.65.1/), server: _, request: "GET /anything HTTP/1.1", host: "[127.0.0.1:9080](http://127.0.0.1:9080/)"
This is likely due to the slash in the secret name. There might be a parsing case to catch. From testing, it seems that a slash in the secret name leads to errors, but a slash in the key of the credential key-value pair does not.
Expected Behavior
APISIX to accommodate the situation where secret names contain slashes.
Current Behavior
When configuring secrets in AWS, the suggestive text for secret name uses slashes, so that it could be quite common that users have slashes in their secret names.
Suppose the secret name is
john/secret
in AWS and the key of the credential isjohn-key-auth
. In apisix, the secret is referenced bykey-auth
as such:Suppose the
key-auth
is enabled on a route. When requesting this route, you would receive 401 from APISIX and see the below error in the error log:This is likely due to the slash in the secret name. There might be a parsing case to catch. From testing, it seems that a slash in the secret name leads to errors, but a slash in the key of the credential key-value pair does not.
Expected Behavior
APISIX to accommodate the situation where secret names contain slashes.
Environment
apisix version
):3.11.0