You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
But I am getting below error 2021-02-15T10:47:09.088Z [WARN] failed to unseal core: error="stored unseal keys are supported, but none were found"
2021-02-15T10:47:14.088Z [INFO] core: stored unseal keys supported, attempting fetch
2021-02-15T10:47:14.092Z [WARN] failed to unseal core: error="stored unseal keys are supported, but none were found"
I know this error comes because of KMS keys and keyring are not correct. But I don't know where I am doing mistake here.
I followed this issue #77 for my reference but could not resolve it. I went to document @jasonodonnell provided into that link. But it did not help me either.
Could anyone please help me here?
The text was updated successfully, but these errors were encountered:
Thank you Payal and Brett, the info from you has helped me resolve the same issue.
One small update for anyone that finds this issue in future: the Vault Helm chart uses capitalization serviceAccount, instead of serviceaccount like Payal originally wrote. The template is case-sensitive.
I am trying to launch with workload identity so that i don't mount Service account key.
Below Steps i followed
--permissions=cloudkms.cryptoKeyVersions.useToEncrypt,cloudkms.cryptoKeyVersions.useToDecrypt,cloudkms.cryptoKeys.get
gcloud kms keyrings add-iam-policy-binding vault-keyring
--location=us-east4
--member=serviceAccount:[email protected]
--role=projects/PROJECT-NAME/roles/vaultunseal
gcloud iam service-accounts add-iam-policy-binding
--role roles/iam.workloadIdentityUser
--member "serviceAccount:PROJECT-NAME.svc.id.goog[KUBE-NAMESPACE/KUBE-VAULT-SERVICE-ACCOUNT-NAME]"
[email protected]
But I am getting below error
2021-02-15T10:47:09.088Z [WARN] failed to unseal core: error="stored unseal keys are supported, but none were found"
2021-02-15T10:47:14.088Z [INFO] core: stored unseal keys supported, attempting fetch
2021-02-15T10:47:14.092Z [WARN] failed to unseal core: error="stored unseal keys are supported, but none were found"
I know this error comes because of KMS keys and keyring are not correct. But I don't know where I am doing mistake here.
I followed this issue #77 for my reference but could not resolve it. I went to document @jasonodonnell provided into that link. But it did not help me either.
Could anyone please help me here?
The text was updated successfully, but these errors were encountered: