Hardcoded paths in kv_v2.py: "/v1/{mount_point}/data/{path}", mount_point=mount_point, path=path #963
-
Hey team, `hvac.exceptions.Forbidden: 1 error occurred: , on get https://url.to.vault:8200/v1/secret/data/{myPath}` I changed the module code to test and was able successfully read secrets. Only tested this on line 150 in kv_v2.py but it's not the only place I see it hardcoded. Is there way to override this? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
Hi @WastedAccounts , it sounds like your Vault secret store might be KV version 1 rather than version 2. There is no way to turn off the You can check in Vault which version of the KV store it is, or you can confirm with your Vault team if you don't have direct permissions to do so. In the meantime you may want to try the KVv1 method: https://hvac.readthedocs.io/en/stable/usage/secrets_engines/kv_v1.html#read-a-secret |
Beta Was this translation helpful? Give feedback.
Hi @WastedAccounts , it sounds like your Vault secret store might be KV version 1 rather than version 2. There is no way to turn off the
/data/
portion of the path in v2.You can check in Vault which version of the KV store it is, or you can confirm with your Vault team if you don't have direct permissions to do so.
In the meantime you may want to try the KVv1 method: https://hvac.readthedocs.io/en/stable/usage/secrets_engines/kv_v1.html#read-a-secret