Reputation: 364
Hashicorp Vault: failed to look up namespace from the token
I have installed Hashicorp Vault in the AWS EC2 server and trying to access the secret keys stored in the vault using AWS Lambda function using "AWS Authentication". But I am getting the following error.
{u'errors': [u'error performing token check: failed to look up namespace from the token: no namespace']}
I am basically doing the following
Installed Hashicorp Vault in EC2 server, enabled AWS authentication
Set up policy & role in the Vault using an AWS role
Created a Python-based AWS Lambda function that is generating signed AWS STS request
Using the signed request, successfully login to the vault server. The response is as follows.
{ u'lease_id': u'', u'warnings': [ u'TTL of "768h" exceeded the effective max_ttl of "500h"; TTL value is capped accordingly' ], u'wrap_info': None, u'auth': { u'token_policies': [ u'default', u'examplepolicy' ], u'orphan': True, u'entity_id': u'xxxxxxxxxxxxxx', u'token_type': u'service', u'lease_duration': 1800000, u'policies': [ u'default', u'examplepolicy' ], u'client_token': u'xxxxxxxxxxxxxx', u'accessor': u'xxxxxxxxxxxxxx', u'renewable': True, u'metadata': { u'auth_type': u'iam', u'account_id': u'xxxxxxxxxxxxxx', u'role_id': u'xxxxxxxxxxxxxx' } }, u'lease_duration': 0, u'request_id': u'xxxxxxxxxxxxxx', u'data': None, u'renewable': False}
Now using the client-token from above response trying to fetch a secret key as shown below
secretKey = requests.get(url1,headers = {"X-Vault-Token": clienttoken})
I am getting following error immediately after executing the above line.
{u'errors': [u'error performing token check: failed to look up namespace from the token: no namespace']}
Upvotes: 4
Views: 6078
Answers (3)
Reputation: 37
I have this error when try get/put commands in CLI hashicorp:
Error making API request.
URL: GET http://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret
Code: 500. Errors:
* error performing token check: failed to look up namespace from the token: no namespace
Error was that I'm used "" when set VAULT_TOKEN in env variable
Upvotes: 0
Reputation: 783
instead of "X-Vault-Token: token" header use "Authorization: Bearer token"
Upvotes: 0
Related Questions
- Error making API request when using Vault secrets
- Spring Cloud Vault: Token (spring.cloud.vault.token) must not be empty
- vault read secrets with python
- Aws-vault: Failed to get credentials - InvalidClientTokenId: The security token included in the request is invalid
- How can I fix provider.vault: no vault token found?
- How can I fix error writing to Vault: Error making API request
- Unsupported path error when creating namespace in HashiCorp
- getting "missing client token" while accessing get API of hashicorp vault
- Vault token lookup - Python
- Unable to initialise vault