使用 Spring Cloud HOXTON.SR6,配合 Spring boot 2.3.2
启动服务时,尝试访问“/secret/application”和“/secret/application/{profile}”时出现 403 错误。这些路径中的“应用程序”应替换为我的应用程序名称。
错误:
[RequestedSecret [path='secret/application/{profile}’, mode=ROTATE]] Lease [leaseId='null', leaseDuration=PT0S, renewable=false] Status 403 Forbidden [secret/application/{profile}]: 1 error occurred: * permission denied ; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden: [{"errors":["1 error occurred:\n\t* permission denied\n\n"]} ] org.springframework.vault.VaultException: Status 403 Forbidden [secret/application/{profile}]: 1 error occurred: * permission denied ; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden: [{"errors":["1 error occurred:\n\t* permission denied\n\n"]} ]
如果我设置 spring.cloud.vault.generic.enabled = false,替换工作正常并且错误消失。问题是这个属性被设置为弃用。那么有什么办法呢?
错误存在于:
spring:
cloud:
vault:
authentication: approle
app-role:
role-id: <<role-id>>
secret-id: <<secret-id>>
kv:
enabled: true
backend: secret
application-name: <<application-name>>
default-context: <<application-name>>
host: <<vault-host>>
但不再是:
spring:
cloud:
vault:
authentication: approle
app-role:
role-id: <<role-id>>
secret-id: <<secret-id>>
kv:
enabled: true
backend: secret
application-name: <<application-name>>
default-context: <<application-name>>
generic:
enabled: false
host: <<vault-host>>
我应该以不同的方式使用它吗?