k2v-academy / K2View-Academy


Hashicorp Vault on Hashicorp Cloud Platform #1094

Closed F78aPg0zjWnRKWkYrBd6lShvmAYl8doniMtEnFN closed 2 months ago

F78aPg0zjWnRKWkYrBd6lShvmAYl8doniMtEnFN commented 2 months ago

Fabric 7.2.2 + Studio Web

I'm trying to configure Fabric to use Hashicorp Vault on Hashicorp Cloud Platform, to allow Fabric to use it as a secret manager.

A Service Principal key was created and two values were provided:

export HCP_CLIENT_ID=***
export HCP_CLIENT_SECRET=***

As per the instructions on Vault's portal, to retrieve the API token, the following should be performed:

HCP_API_TOKEN=$(curl --location "https://auth.idp.hashicorp.com/oauth2/token" \
--header "Content-Type: application/x-www-form-urlencoded" \
--data-urlencode "client_id=$HCP_CLIENT_ID" \
--data-urlencode "client_secret=$HCP_CLIENT_SECRET" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "audience=https://api.hashicorp.cloud" | jq -r .access_token)

And then the following to retrieve the secrets:

curl \
--location "https://api.cloud.hashicorp.com/secrets/2023-06-13/organizations/<orgid>/projects/<projectid>/apps/<app>/open" \
--request GET \
--header "Authorization: Bearer $HCP_API_TOKEN" | jq

Are these the steps that Fabric is performing when integrating with Vault for secrets management?

I don't understand how the information provided above correlates to the [encryption_hashicorp_sm] section in config.ini (see below), as the attributes look different.

[encryption_hashicorp_sm]
## Use auth_token or combination of role_id & secret_id
#AUTH_TOKEN=
## Full url. example: http://127.0.0.1:8200/v1/secret
#URL=

#ROLE_ID=
#SECRET_ID=
## Full AppRole auth url. example: http://127.0.0.1:8200/v1/auth/approle
#APPROLE_URL=

#TIMEOUT=5000
#ENABLED=false

Please advise. Thanks.
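To make the mapping concrete, here is an added example (not code from the issue, from Fabric or from HashiCorp) showing what the two auth options in [encryption_hashicorp_sm] correspond to in Vault's HTTP API: AUTH_TOKEN is presented directly, or ROLE_ID and SECRET_ID are exchanged for a client token with a POST to APPROLE_URL/login; either way the secret is then read from URL with the X-Vault-Token header. The fake server, the token values and the db-creds key are constructed so the example runs offline; the localhost URLs are the ones from the config comments.

```python
# Constructed configs mirroring the [encryption_hashicorp_sm] keys from the issue.
# Token option: the client presents AUTH_TOKEN directly on every request.
TOKEN_CFG = {"URL": "http://127.0.0.1:8200/v1/secret",
             "AUTH_TOKEN": "hvs.example-token"}            # constructed value
# AppRole option: ROLE_ID + SECRET_ID are exchanged for a client token first.
APPROLE_CFG = {"URL": "http://127.0.0.1:8200/v1/secret",
               "APPROLE_URL": "http://127.0.0.1:8200/v1/auth/approle",
               "ROLE_ID": "example-role-id",               # constructed value
               "SECRET_ID": "example-secret-id"}           # constructed value

VALID_TOKENS = {"hvs.example-token", "hvs.from-approle"}   # constructed

def fake_vault(method, url, headers, body):
    """Constructed stand-in for a Vault server so the example runs offline.
    Returns (status, json_body) in the shape of the real HTTP API."""
    if method == "POST" and url.endswith("/v1/auth/approle/login"):
        if (body.get("role_id"), body.get("secret_id")) == ("example-role-id", "example-secret-id"):
            return 200, {"auth": {"client_token": "hvs.from-approle"}}
        return 400, {"errors": ["invalid role or secret ID"]}
    if method == "GET" and url.endswith("/v1/secret/db-creds"):
        if headers.get("X-Vault-Token") in VALID_TOKENS:
            return 200, {"data": {"password": "s3cr3t"}}   # constructed secret
        return 403, {"errors": ["permission denied"]}
    return 404, {"errors": []}

def get_client_token(cfg, transport):
    """AUTH_TOKEN is used as-is; otherwise POST ROLE_ID/SECRET_ID to
    <APPROLE_URL>/login and take auth.client_token from the response."""
    if cfg.get("AUTH_TOKEN"):
        return cfg["AUTH_TOKEN"]
    login_url = cfg["APPROLE_URL"].rstrip("/") + "/login"
    status, resp = transport("POST", login_url, {},
                             {"role_id": cfg["ROLE_ID"], "secret_id": cfg["SECRET_ID"]})
    if status != 200:
        raise PermissionError(f"AppRole login failed ({status}): {resp.get('errors')}")
    return resp["auth"]["client_token"]

def read_secret(cfg, key, field, transport=fake_vault):
    """GET <URL>/<key> with the X-Vault-Token header and return one field.
    Vault's own API authenticates with a Vault token, not with HCP OAuth2 credentials."""
    token = get_client_token(cfg, transport)
    status, resp = transport("GET", cfg["URL"].rstrip("/") + "/" + key,
                             {"X-Vault-Token": token}, None)
    if status != 200:
        raise PermissionError(f"secret read failed ({status}): {resp.get('errors')}")
    return resp["data"][field]

if __name__ == "__main__":
    print(read_secret(TOKEN_CFG, "db-creds", "password"))    # s3cr3t
    print(read_secret(APPROLE_CFG, "db-creds", "password"))  # s3cr3t
```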

157aq9Ud3GJlkIVikTS1SzhhiP3x1Vrj0jAjZ3X commented 2 months ago

Please see the KB for the 2 supported auth options (it also links to the Hashicorp page): https://support.k2view.com/Academy/articles/26_fabric_security/04a_secret_manager.html#hashicorp-vault

F78aPg0zjWnRKWkYrBd6lShvmAYl8doniMtEnFN commented 2 months ago

I assume that Fabric is only compatible with Vault Dedicated and not with Vault Secrets.