You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Code: 400. Errors:
* failed to validate SecretID: source address "127.0.0.1" unauthorized through CIDR restrictions on the role
Hi, was struggling to make Vault check CIDR restriction behind Nginx reverse proxy but it seems bound_cidr_list does not work behind reverse proxy for AppRole and it's not looking or checking X-Forwarded-For, X-Real-IP in request headers. I checked with tcpdump and X-Forwarded-For, X-Real-IP passed correctly.
This is highly needed in terms of security and running Vault in production.
The text was updated successfully, but these errors were encountered:
Vault version 0.7.0
Hi, was struggling to make Vault check CIDR restriction behind Nginx reverse proxy but it seems bound_cidr_list does not work behind reverse proxy for AppRole and it's not looking or checking X-Forwarded-For, X-Real-IP in request headers. I checked with tcpdump and X-Forwarded-For, X-Real-IP passed correctly.
This is highly needed in terms of security and running Vault in production.
The text was updated successfully, but these errors were encountered: