
AwsIamAuthentication fails with Credential should be scoped to a valid region when migrating from spring-vault-core 2.3.3 to 3.1.1 #871

@infa-kvaibhav

I have upgraded from spring-vault-core 2.3.3 to 3.1.1 and am using AwsIamAuthentication:

```java
public ClientAuthentication createClientAuthentication() {
    AwsCredentialsProvider credentialsProvider = DefaultCredentialsProvider.create();
    AwsIamAuthenticationOptions options = AwsIamAuthenticationOptions.builder()
            .credentialsProvider(credentialsProvider)
            // I have tried adding this field in 3.1.1, as Vault and instances are in us-west-2
            .region(Region.US_WEST_2)
            .role(InfrastructureInfo.getInstance().getVaultRole())
            .build();
    return new AwsIamAuthentication(options, VaultUtils.getRestOptions());
}
```
Exception:
org.springframework.vault.authentication.VaultLoginException: Cannot login using AWS-IAM: error making upstream request: received error code 403 from STS: https://sts.amazonaws.com/doc/2011-06-15/
Sender
SignatureDoesNotMatch
Credential should be scoped to a valid region.
b38c3d6a-ae0a-4f08-b768-94ad7b53b82e

Java-17
SpringBoot-3.2.0
Spring Framework- 6.1.+

From CLI I am able to read data.
Vault v1.9.4
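
Added example, not from the original report or from Spring Vault: STS returns "Credential should be scoped to a valid region" when the region in a signed request's SigV4 credential scope is not the one the receiving endpoint accepts, so this Java check compares the two. The class name `StsScopeCheck`, the sample header and the endpoint URLs are constructed, and it assumes (the report does not confirm it) that Vault forwards the signed `GetCallerIdentity` request to the STS endpoint set in its AWS auth client configuration.

```java
import java.net.URI;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Diagnostic sketch: does a SigV4 credential scope match the STS endpoint that will verify it?
public class StsScopeCheck {
    // Credential=<access key id>/<yyyymmdd>/<region>/<service>/aws4_request
    private static final Pattern SCOPE =
            Pattern.compile("Credential=([^/\\s]+)/(\\d{8})/([^/\\s]+)/([^/\\s]+)/aws4_request");
    // Regional STS hosts in the standard partition look like sts.<region>.amazonaws.com
    private static final Pattern REGIONAL_HOST = Pattern.compile("^sts\\.([a-z0-9-]+)\\.amazonaws\\.com$");

    /** Region named in the Authorization header's credential scope, if it is an STS scope. */
    static Optional<String> scopeRegion(String authorization) {
        Matcher m = SCOPE.matcher(authorization);
        return m.find() && m.group(4).equals("sts") ? Optional.of(m.group(3)) : Optional.empty();
    }

    /** Region an STS endpoint accepts; the global endpoint only accepts us-east-1 scopes. */
    static Optional<String> endpointRegion(String stsEndpoint) {
        String host = URI.create(stsEndpoint).getHost();
        if (host == null) return Optional.empty();
        if (host.equals("sts.amazonaws.com")) return Optional.of("us-east-1");
        Matcher m = REGIONAL_HOST.matcher(host);
        return m.matches() ? Optional.of(m.group(1)) : Optional.empty();
    }

    /** Human-readable verdict; other partitions (for example China) are reported as UNKNOWN. */
    static String check(String authorization, String stsEndpoint) {
        Optional<String> signed = scopeRegion(authorization);
        Optional<String> expected = endpointRegion(stsEndpoint);
        if (signed.isEmpty() || expected.isEmpty()) {
            return "UNKNOWN: could not parse header or endpoint";
        }
        return signed.equals(expected)
                ? "OK: scope " + signed.get() + " matches " + stsEndpoint
                : "MISMATCH: signed for " + signed.get() + ", but " + stsEndpoint + " expects " + expected.get();
    }

    public static void main(String[] args) {
        // Constructed sample header: fake access key id and signature, never sent anywhere.
        String auth = "AWS4-HMAC-SHA256 Credential=AKIAEXAMPLEEXAMPLE00/20240101/us-west-2/sts/aws4_request, "
                + "SignedHeaders=host;x-amz-date, Signature=0000";
        System.out.println(check(auth, "https://sts.amazonaws.com"));
        System.out.println(check(auth, "https://sts.us-west-2.amazonaws.com"));
    }
}
```

If the check reports a mismatch, either the client has to sign for the region the endpoint accepts, or the Vault AWS auth client configuration (`sts_endpoint` and `sts_region`) has to point at the matching regional endpoint.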
