upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-06-12 10:21:47 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Note that GCP auth method needs iam API enabled (#5339)

Browse source 
In addition to the specific permissions that are already mentioned, the project also needs the `iam.googleapis.com` API enabled, otherwise authenticating will fail with an error similar to:

```
Error authenticating: Error making API request.

URL: PUT https://localhost:8200/v1/auth/gcp/login
Code: 400. Errors:

* could not find service account key or Google Oauth cert with given 'kid' id
```
This commit is contained in:
Chris Pick 2018-10-01 13:09:32 -04:00 committed by Brian Kassouf
parent c214e49812
commit e77f08d4e6
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
website/source/api/auth/gcp/index.html.md
View file

@ -41,6 +41,8 @@ to confirm signed JWTs passed in during login.
If this value is empty, Vault will try to use [Application Default
Credentials][gcp-adc] from the machine on which the Vault server is running.
The project must have the `iam.googleapis.com` API [enabled](https://console.cloud.google.com/flows/enableapi?apiid=iam.googleapis.com).
- `google_certs_endpoint` `(string:
"https://www.googleapis.com/oauth2/v3/certs")`: The Google OAuth2 endpoint