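---
# KES server configuration: TLS listener, one client policy, and a HashiCorp
# Vault keystore reached through AppRole authentication.
# The nesting is written out explicitly here. Flattened to a single level,
# the file has two top-level `tls` keys and `id`/`secret` are no longer
# children of `keystore.vault.approle`.

# Binds to every interface on port 7373. Quoted so it is always a string.
# NOTE(review): restrict the bind address or the published Docker port if
# only local services need to reach KES.
address: '0.0.0.0:7373'

admin:
  # No admin identity is configured, so clients get access only through
  # the policies below.
  identity: disabled

# Key pair the KES server presents to its clients.
tls:
  # Private key: should be readable only by the account that runs KES.
  key: /root/.kes/certs/kes.key
  cert: /root/.kes/certs/kes.crt

policy:
  my-app:
    # API paths this policy permits. The trailing `*` is a pattern, so every
    # key whose name starts with `my-key` is covered; keep the prefix narrow.
    allow:
      - /v1/key/create/my-key*
      - /v1/key/generate/my-key*
      - /v1/key/decrypt/my-key*
    # Client identities bound to this policy. The value is the author's
    # redaction placeholder; it is quoted because a plain scalar that starts
    # with `*` is read by YAML as an alias and fails to parse.
    identities:
      - '* here is my identity*'

keystore:
  vault:
    # NOTE(review): inside a container 127.0.0.1 is that container's own
    # loopback. Confirm Vault is reachable at this address from KES.
    endpoint: https://127.0.0.1:8200
    # K/V secrets engine version.
    version: v1
    approle:
      # AppRole credentials (author's redaction placeholders, quoted for the
      # same `*` reason as above). The reported startup error, "no approle ID
      # specified", suggests KES found no value at this path; verify that
      # `id` and `secret` are nested exactly here in the deployed file.
      id: '*here is the id*'
      # Secret credential: keep this file out of version control and limit
      # its permissions to the KES account.
      secret: '*here is the secret*'
      retry: 15s
    status:
      ping: 10s
    # CA certificate used to verify the Vault server's TLS certificate.
    tls:
      ca: /root/.kes/vault/certs/vault.crt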
BTW, I have no idea whether I need to put the id and secret values in "" or not, but both variants throw the same error anyway. Also, sorry if I've chosen the wrong issue type; this is the first time I've opened one.
Hi guys, the KES server fails to start in Docker, throwing errors like:
Error: failed to read config file: edge: invalid vault keystore: invalid approle config: no approle ID specified
My docker-compose file (part of it) looks like:
Vault is initialized, unsealed and running. Everything is configured according to this guide: https://github.com/minio/kes/wiki/Hashicorp-Vault-Keystore
My Vault config is:
And KES config is:
BTW, I have no idea whether I need to put the id and secret values in "" or not, but both variants throw the same error anyway. Also, sorry if I've chosen the wrong issue type; this is the first time I've opened one.