Introduction
Problem
The "'kubernetes_namespace' is required" error is returned to the end user even though only one K8S namespace is specified to the "allowed_kubernetes_namespaces" parameter in the Kubernetes Secrets engine role.
Cause
- Receiving this error message is dictated by the Vault server itself. Even though having a newer Vault binary version as a client, the "kubernetes_namespace" parameter should be specified upon requests for generating credentials.
- The following PR, which is incorporated into the newer versions of the Vault server, allows to omission of the "kubernetes_namespace" parameter when requesting K8S credentials and only one K8S namespace is specified in the K8S secrets engine role.
Overview of possible solutions (if applicable)
Solutions:
- Upgrading Vault to the newest version which incorporates the following PR would allow requesting credentials from the K8S secrets engine omitting the "kubernetes_namespace" parameter when only one K8S namespace is specified for the role requested.