Vault .NET - Invalid path for a versioned K/V secrets engine

Question

I've added all my configuration details in the Vault. The detail you can see in the attached image below. This follows a specific path i.e kv/unistad/dev/workflow/camunda/1.0

However, when I try to read this information using Vault.NET with the following nuget package

Install-Package Vault

My code looks something like this:

var endpoint = "http://openblue-bridge.com:32270";
var token = "s.inklpUdNxet1ZJtaCLMpEIPA";

var vaultClient = new VaultClient(new Uri(endpoint), token);

string project = "unistad";
string environment = "dev";
string appVersion = "1.0";
var secretPath = $"kv/{project}/{environment}/workflow/camunda/{appVersion}";
// Use client to read a key-value secret.
var secrets = await vaultClient.Secret.Read< Dictionary<string, string>> (secretPath);

When I run the above code I get the following error:

Invalid path for a versioned K/V secrets engine. See the API docs for the appropriate API endpoints to use. If using the Vault CLI, use 'vault kv get' for this operation.

I'm not sure how can I fix this error. Any help would be really appreciated.

Answer 1

You are using v2 of the kv engine. For that engine, you need to have /data/ in the path, as shown in the API docs. The requirement for this prefix is also described in the engine docs.

So the solution to your problem is specifically to change your path from

var secretPath = $"kv/{project}/{environment}/workflow/camunda/{appVersion}";

to

var secretPath = $"kv/data/{project}/{environment}/workflow/camunda/{appVersion}";