我在本地k8s集群中启动了一个Vault实例,该实例已启动并正在运行。然后,我登录到pod并运行vault kv put secret/config foo=world。但是我得到了错误:
Error making API request.
URL: GET https://127.0.0.1:8200/v1/sys/internal/ui/mounts/secret/config
Code: 403. Errors:
* preflight capability check returned 403, please ensure client's policies grant access to path "secret/config/"
然后,我尝试对路径test-user附加 full 策略的enable userpass(用户:training和密码:secret/abc/*)。然后,我运行命令:
vault kv put secret/lsdc username='test-user' password='training' ttl='30000s'
但是,我仍然得到相同的错误输出。是什么原因?