Description
I am able to authenticate to Vault using the command below.
vault login -method=aws role=dev-role
I want to achieve the same thing through the API.
Below is my Python code:
import hvac
# NOTE(review): the address is plain http://, so the login request and the
# client token Vault returns travel unencrypted; outside a lab, point the
# client at an https:// address with certificate verification.
client = hvac.v1.Client(url="http://172.31.62.157:8200")
# Value passed as the pkcs7 argument of the EC2 login below, pasted inline.
# NOTE(review): presumably the instance identity signature; it is normally
# read from the instance metadata service at run time rather than kept in
# source -- confirm.
pk = """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"""
# auth_ec2 is deprecated; the DeprecationWarning it emits points to the
# 'ec2_login' method on 'hvac.api.auth_methods.aws'.
# No mount_point is passed here, and the traceback shows the request going to
# /v1/auth/aws-ec2/login, whereas `vault login -method=aws` uses the auth/aws
# mount by default. A "permission denied" on that path is consistent with the
# backend not being mounted at aws-ec2; passing mount_point="aws" would target
# the same mount as the CLI.
# NOTE(review): the CLI's aws method presumably logged in through the IAM
# flow, so also confirm that dev-role accepts the ec2 auth type before
# expecting a pkcs7 login to succeed.
client.auth_ec2(pkcs7=pk,role="dev-role")
But it gives the error below.
vault.py:5: DeprecationWarning: Call to deprecated function 'auth_ec2'. This method will be removed in version '0.11.2' Please use the 'ec2_login' method on the 'hvac.api.auth_methods.aws' class moving forward.
client.auth_ec2(pkcs7=pk,role="dev-role")
Traceback (most recent call last):
File "vault.py", line 5, in <module>
client.auth_ec2(pkcs7=pk,role="dev-role")
File "/home/admin/.local/lib/python2.7/site-packages/hvac/utils.py", line 179, in new_func
return method(*args, **kwargs)
File "/home/admin/.local/lib/python2.7/site-packages/hvac/v1/__init__.py", line 679, in auth_ec2
return self.login('/v1/auth/{0}/login'.format(mount_point), json=params, use_token=use_token)
File "/home/admin/.local/lib/python2.7/site-packages/hvac/v1/__init__.py", line 1251, in login
**kwargs
File "/home/admin/.local/lib/python2.7/site-packages/hvac/adapters.py", line 178, in login
response = self.post(url, **kwargs)
File "/home/admin/.local/lib/python2.7/site-packages/hvac/adapters.py", line 107, in post
return self.request('post', url, **kwargs)
File "/home/admin/.local/lib/python2.7/site-packages/hvac/adapters.py", line 342, in request
response = super(JSONAdapter, self).request(*args, **kwargs)
File "/home/admin/.local/lib/python2.7/site-packages/hvac/adapters.py", line 309, in request
errors=errors
File "/home/admin/.local/lib/python2.7/site-packages/hvac/utils.py", line 41, in raise_for_error
raise exceptions.Forbidden(message, errors=errors, method=method, url=url)
hvac.exceptions.Forbidden: permission denied, on post http://172.31.62.157:8200/v1/auth/aws-ec2/login