Good Morning,

We are trying to get HashiCorp Vault set up as a parameter provider in 2.0.0-M2.
Our configuration for the HashiCorp Vault client is shown below and DEBUG is
turned on.


[Image: image001.png]

This configuration enables fine but when we try to fetch parameters from our 
parameter provider we get the following error:

[Image: image002.png]


We are able to verify that Vault can be contacted and secrets can be read using
this authentication method in a bash script on the same VM that NiFi is running
on.
If we change to TOKEN as the Vault authentication and provide the token as
vault.token, it will pull all parameters back successfully as well.

The only thing that is logged in NiFi for AWS-EC2 Vault authentication is what
we get in the message above; it appears in the nifi-user.log and is as follows:

2024-05-13 12:49:48,385 WARN [NiFi Web Server-28656] o.a.n.w.a.c.IllegalStateExceptionMapper java.lang.IllegalStateException: Error fetching parameters for ParameterProvider[id=58b51291-018f-1000-add9-321ba3a9df06]: Cannot login using AWS-EC2: missing client token. Returning Conflict response.
java.lang.IllegalStateException: Error fetching parameters for ParameterProvider[id=58b51291-018f-1000-add9-321ba3a9df06]: Cannot login using AWS-EC2: missing client token

We tried adding vault.asw-ec2.aws-ec2-path as well as an environment variable 
for VAULT_NAMESPACE, neither of which changed anything.

Any thoughts or ideas would be greatly appreciated!


Thanks

Mark Moore
Software Developer - BI & Analytics
Time: GMT -6:00
mmoo...@solventum.com