mp911de
commented
3 years ago It's possible to combine both, but each component will have their own authentication scope. The only way to reuse the same token is to specify a token externally.
Closed jandresboyaca closed 3 years ago
mp911de
commented
3 years ago It's possible to combine both, but each component will have their own authentication scope. The only way to reuse the same token is to specify a token externally.
jandresboyaca
commented
3 years ago The thing is that when I active the server config and vault the authentication with Kubernetes doesn't arrive at the server config, I got the next exception on the server config
m.m.a.ExceptionHandlerExceptionResolver : Resolved [java.lang.IllegalArgumentException: Missing required header: X-Config-Token]
But if I use the token authentication works normally.
https://cloud.spring.io/spring-cloud-vault/reference/html/#vault.config.authentication.kubernetes
mp911de
commented
3 years ago That is by design.
If you have Spring Cloud Vault on your class path, then what's the point to additionally propagate the authentication to Config server using Vault? You have access to Vault anyway so you can fetch the secrets directly without Config server.
jandresboyaca
commented
3 years ago Ok I thought so thanks @mp911de
I'd like to know if it's possible to use spring cloud vault with the dependency
spring-cloud-starter-vault-config and spring-cloud-config-client
I mean I've been trying to use Kubernetes service account with vault and spring cloud-config, but when I activated the cloud-config I have an error because the header X-Vault-Token doesn't arrive to spring cloud-config. I want to know if it's possible to work as you work with the token vault when you sent from the client and config server sent to vault.
Client dependency
spring-cloud-config-client.
spring-cloud-starter-vault-config.