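I have installed Hashicorp Vault on an AWS EC2 server and am trying to use "AWS authentication" to access a secret key stored in Vault from an AWS Lambda function, but I am getting the following error.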
{u'errors': [u'error performing token check: failed to look up namespace from the token: no namespace']}
I am basically doing the following.
Installed Hashicorp Vault in EC2 server, enabled AWS authentication
Set up policy & role in the Vault using an AWS role
Created a Python-based AWS Lambda function that generates a signed AWS STS request
Using the signed request, I successfully log in to the Vault server. The response is as follows.
{
    u'lease_id': u'',
    u'warnings': [
        u'TTL of "768h" exceeded the effective max_ttl of "500h"; TTL value is capped accordingly'
    ],
    u'wrap_info': None,
    u'auth': {
        u'token_policies': [u'default', u'examplepolicy'],
        u'orphan': True,
        u'entity_id': u'xxxxxxxxxxxxxx',
        u'token_type': u'service',
        u'lease_duration': 1800000,
        u'policies': [u'default', u'examplepolicy'],
        u'client_token': u'xxxxxxxxxxxxxx',
        u'accessor': u'xxxxxxxxxxxxxx',
        u'renewable': True,
        u'metadata': {
            u'auth_type': u'iam',
            u'account_id': u'xxxxxxxxxxxxxx',
            u'role_id': u'xxxxxxxxxxxxxx'
        }
    },
    u'lease_duration': 0,
    u'request_id': u'xxxxxxxxxxxxxx',
    u'data': None,
    u'renewable': False
}
Now, using the client token from the above response, I am trying to fetch a secret key as shown below.
secretKey = requests.get(url1, headers={"X-Vault-Token": clienttoken})
I am getting the following error immediately after executing the above line.
{u'errors': [u'error performing token check: failed to look up namespace from the token: no namespace']}
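The flow described in the question (sign an `sts:GetCallerIdentity` request, hand it to Vault's AWS auth login, then take `auth.client_token` from the response), as an added example that is not the poster's code. It assumes the global STS endpoint, the default `auth/aws` mount (so the payload is POSTed to `/v1/auth/aws/login`) and a hypothetical role name; credentials in any test run are constructed values.

```python
import base64, hashlib, hmac, json

STS_URL = "https://sts.amazonaws.com/"
STS_BODY = "Action=GetCallerIdentity&Version=2011-06-15"

def sign_get_caller_identity(access_key, secret_key, session_token, now, region="us-east-1"):
    """SigV4-sign POST sts:GetCallerIdentity; `now` is a UTC datetime."""
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")
    scope = f"{amz_date[:8]}/{region}/sts/aws4_request"
    headers = {
        "content-type": "application/x-www-form-urlencoded; charset=utf-8",
        "host": "sts.amazonaws.com",
        "x-amz-date": amz_date,
        "x-amz-security-token": session_token,  # Lambda role credentials are temporary
    }
    signed = ";".join(sorted(headers))
    canonical = "\n".join([
        "POST", "/", "",  # method, path, empty query string
        "".join(f"{k}:{headers[k]}\n" for k in sorted(headers)),
        signed,
        hashlib.sha256(STS_BODY.encode()).hexdigest(),
    ])
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    key = ("AWS4" + secret_key).encode()
    for part in (amz_date[:8], region, "sts", "aws4_request"):  # key derivation chain
        key = hmac.new(key, part.encode(), hashlib.sha256).digest()
    signature = hmac.new(key, to_sign.encode(), hashlib.sha256).hexdigest()
    headers["authorization"] = (f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
                                f"SignedHeaders={signed}, Signature={signature}")
    return headers

def vault_login_payload(role, signed_headers):
    """Body for the Vault AWS (iam) login; Vault replays the request to STS."""
    b64 = lambda s: base64.b64encode(s.encode()).decode()
    return {
        "role": role,  # hypothetical Vault role name supplied by the caller
        "iam_http_request_method": "POST",
        "iam_request_url": b64(STS_URL),
        "iam_request_body": b64(STS_BODY),
        "iam_request_headers": b64(json.dumps(signed_headers)),
    }

def client_token(login_response):
    """Return auth.client_token (not the accessor) or fail loudly."""
    token = (login_response.get("auth") or {}).get("client_token")
    if not isinstance(token, str) or not token.strip():
        raise ValueError("login response has no auth.client_token")
    return token
```

The value returned by `client_token` is what goes in the `X-Vault-Token` header of later requests.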