You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected is:
I configure the nomad backend without token and set the token via vault cli afterwards.
Alternative is:
I configure the nomad backend without token and nomad acl system will be bootstraped by vault, without sharing the root token (like in the consul_backend).
Actual Behavior
We get an error that the (optional) parameter token is not given.
But the secret backend is created in vault.
We have to import the new created resource to create all depended resources, which is annoying.
Relevant Error/Panic Output Snippet
# First run:
vault_nomad_secret_backend.config: Creating...
╷
│ Error: error writing "nomad/config/access": Error making API request.
│
│ URL: PUT https://vault.example.com/v1/nomad/config/access
│ Code: 400. Errors:
│
│ * Token not provided and failed to bootstrap ACLs
│
│ with vault_nomad_secret_backend.config,
│ on main.tf line 1, in resource "vault_nomad_secret_backend""config":
│ 1: resource "vault_nomad_secret_backend""config" {
│
╵
ERRO[0003] terraform invocation failed
# Second run:
vault_nomad_secret_backend.config: Creating...
╷
│ Error: error mounting to "nomad": Error making API request.
│
│ URL: POST https://vault.example.com/v1/sys/mounts/nomad
│ Code: 400. Errors:
│
│ * path is already in use at nomad/
│
│ with vault_nomad_secret_backend.config,
│ on main.tf line 1, in resource "vault_nomad_secret_backend""config":
│ 1: resource "vault_nomad_secret_backend""config" {
│
╵
ERRO[0007] terraform invocation failed
Terraform Core Version
1.8.5
Terraform Vault Provider Version
3.23.0
Vault Server Version
1.16.1
Affected Resource(s)
Expected Behavior
As described in the provider documentation the token is optional.
Also Vault CLI documentation states that it's possible to set the nomad token afterwards.
Expected is:
I configure the nomad backend without token and set the token via vault cli afterwards.
Alternative is:
I configure the nomad backend without token and nomad acl system will be bootstraped by vault, without sharing the root token (like in the consul_backend).
Actual Behavior
We get an error that the (optional) parameter token is not given.
But the secret backend is created in vault.
We have to import the new created resource to create all depended resources, which is annoying.
Relevant Error/Panic Output Snippet
Terraform Configuration Files
Steps to Reproduce
terraform apply
terraform apply
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
No
The text was updated successfully, but these errors were encountered: