Closed fred-gb closed 3 months ago
Bonjour, ππ»
Sorry, misunderstood with documentation.
I finally understand Vault policy format. With this in the template: {{with secret "apps/data/default/mongo/config"}}
and policy
path "kv/data/{{identity.entity.aliases.AUTH_METHOD_ACCESSOR.metadata.nomad_namespace}}/{{identity.entity.aliases.AUTH_METHOD_ACCESSOR.metadata.nomad_job_id}}/*" {
so
{{identity.entity.aliases.AUTH_METHOD_ACCESSOR.metadata.nomad_namespace}}
= default
({{with secret "apps/data/default/mongo/config"}})
and
{{identity.entity.aliases.AUTH_METHOD_ACCESSOR.metadata.nomad_job_id}}
= mongo
({{with secret "apps/data/default/mongo/config"}})
Thanks!
Bonjour, ππ»
Nomad version
Operating system and Environment details
Issue
Nomad is unable to start job, missing vault error message appears. But! Mongo example works.
Reproduction steps
Example mongo job, works:
I write another secret:
And check:
I change template in Nomad job:
Start job and!
Nomad Server logs (if appropriate)
I tried with other jobs, but it doesn't work when I use Vault.
I don't understand.
When I installed a fresh hashisatck with token "future deprecated" and no workload identity method configured. It works well.
Need help !
This not a spam message π