stale-belgium-7295
10/20/2023, 4:26 AM"address": {
"type": "string",
"description": "The URL of the Vault server. Must contain a scheme and hostname, but no path."
},
Must contain a scheme and hostname, but no path
. The problem is vault HCP/vault enterprise have a notion of namespace, and authentication methods are set at the namespace level, meaning that if I enable a jwt
authentication in vault at the namespace level, I need to somehow specify the namespace when authenticating. Usually the namespace is either specified in the path, or via a header:
• in the header
curl --request POST \
--header "X-Vault-Namespace: <NAMESPACE>" \
--data '{"jwt": "'"$(cat $JWT_PATH)"'", "role": "'"$ROLE"'"}' \
$VAULT_ADDR/v1/auth/jwt/login
• in the path
curl --request POST \
--data '{"jwt": "'"$(cat $JWT_PATH)"'", "role": "'"$ROLE"'"}' \
$VAULT_ADDR/v1/<NAMESPACE>/auth/jwt/login
But it doesn't seem like we can configure which namespace to use in pulumi ESC's vault integration?