Summary:
This article explains the cause and resolution of the following error encountered in HCP Boundary when attempting to authorize a session to a target using Vault credentials:
targets.(service).AuthorizeSession: vault.(Repository).Issue: vault.(genericIssuingCredentialLibrary).client: unable to create vault client: vault.vaultClientFactory: vault.newClient: invalid configuration: parameter violation: error #100
Issue:
Users may encounter this error while attempting to connect to a target in HCP Boundary that uses a Vault credential store. The error indicates that Boundary is unable to initialize a Vault client due to invalid configuration parameters.
Root Cause:
This error typically occurs when the Vault token configured in the HCP Boundary credential store has expired or is no longer valid. It may also arise if the token was expected to auto-renew but failed to do so due to a configuration or connectivity issue.
Resolution:
Renewing the Vault token used in the HCP Boundary credential store resolves the issue. You can do this by updating the credential store in Boundary with a new or refreshed Vault token. Refer this.
Steps:
- Generate or renew a valid Vault token. Refer this.
- Update the HCP Boundary credential store with the new token. Refer this.
- Retry connecting to the target.
References :
https://developer.hashicorp.com/boundary/docs/concepts/domain-model/credential-stores