After upgrading Terraform Enterprise to v-202207 when using an external vault the application may fail to start
The support bundle will show the following message in the tfe-atlas.stderr
2022-07-21T04:26:46.454325000Z Vault::HTTPClientError: The Vault server at `https://example.com/Vault/general/prod/v2' responded with a 403.
2022-07-21T04:26:46.454443000Z Any additional information the server supplied is shown below:
2022-07-21T04:26:46.454519000Z * 1 error occurred:
2022-07-21T04:26:46.454552000Z * permission denied
- With release v202207 the External Vault policy has been updated to use specific API paths instead of wildcard matching.
- Update the External Vault policy as per documentation
- Restart the Terraform Enterprise application via
replicatedctl app stopfollowed by
replicatedctl app start
Updating the External Vault policy should resolve the issue.
If you continue to experience the issues after following this guide, please contact HashiCorp Support to request for further assistance.