When redering the CRL of a PKI ({{ with secret "pki-root/cert/crl" }}{{ .Data.certificate }}{{ end }}), consul-template throws the following error:
vault.read(pki-root/cert/crl): failed to check if pki-root/cert/crl is KVv2, assume not: Error making API request.#012#012URL: GET https://active.vault.service.consul:8200/v1/sys/internal/ui/mounts/pki-root/cert/crl#012Code: 403. Errors:#012#012* preflight capability check returned 403, please ensure client’s policies grant access to path “pki-root/cert/crl/”
See https://discuss.hashicorp.com/t/vault-agent-template-get-pki-crl/47672/2
When redering the CRL of a PKI (
{{ with secret "pki-root/cert/crl" }}{{ .Data.certificate }}{{ end }}
), consul-template throws the following error:Workaround to suppress this error message:
Proposed solution: Add some option to force kv version:
{{ with secret "pki-root/cert/crl" kv_version="1" }}{{ .Data.certificate }}{{ end }}