Error making API request | Permission denied

[Pooja]

Hello,

I've started exploring Vault with provision of PostgreSQL as a backend.

Below is the configuration file.

config.hcl

storage "postgresql" {

  connection_url = "postgres://postgresuser:pswd@localhost:5432/vault?sslmode=disable"

}

listener "tcp" {

  address     = "127.0.0.1:8200"

  tls_disable = 1

}

disable_mlock = true

echo $VAULT_ADDR

http://127.0.0.1:8200

vault secrets list -detailed

Error listing secrets engines: Error making API request.

URL: GET http://127.0.0.1:8200/v1/sys/mounts

Code: 403. Errors:

* permission denied

vault policy list

Error listing policies: Error making API request.

URL: GET http://127.0.0.1:8200/v1/sys/policies/acl?list=true

Code: 403. Errors:

* permission denied

Every time I use any command to list, read/write policies or view details in the specific path, it throws permission denied.

Yet, I've attempted to re-generate the root token. Here is the vault status.

vault status

Key             Value

---             -----

Seal Type       shamir

Initialized     true

Sealed          false

Total Shares    5

Threshold       3

Version         1.5.0

Cluster Name    vault-cluster-edbc23dc

Cluster ID      5c1af366-efe4-0d18-a55d-856cd6f170f8

HA Enabled      false

In addition to above details, I'm able to login to the vault.

Can someone help me to understand what could be the reason for permission denied all the time?

[Lowe Schmidt]

Did you set $VAULT_TOKEN ?

How did you login? cli or web?

--

Lowe Schmidt | +46 723 867 157

--
In the coming weeks, inbound messages to this group will be disabled, and it will be used for outbound announcements only. To prepare for this switch, please direct questions and conversations to our primary medium to communicate with practitioners: https://discuss.hashicorp.com/c/vault/30. We look forward to collaborating with you there!
 
GitHub Issues: https://github.com/hashicorp/vault/issues
 
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/c21865ca-f727-4ee7-bde4-30bc9047b080n%40googlegroups.com.

[Pooja]

Thanks Lowe Schmidt. I've integrated vault in the application with the base language Go. Further, I've exported the variable VAULT_TOKEN and it is seems to be working now.

[Alexandra Freeman]

Hello and thank you for your email!

On June 3, 2019 HashiCorp launched Discuss, a forum to facilitate dialogue within the HashiCorp community. This format allows answers to be more readily searched and indexed, making it easier to find answers to existing questions and to share knowledge with each other.

The HashiCorp team will be shifting to interact with practitioners on the forum, and we will be phasing out the Google Groups; soon we will disable incoming messages, and use this group for outbound announcements only.

To prepare for this switch, please direct questions and conversations to the Vault discussion forum. We look forward to collaborating with you there!