CONSUL_HTTP_TOKEN doesn't provide access to all keys #18
Comments
|
More specifically, the only keys in the backup are those beginning with "global/" but none of the "local/" keys are there. |
|
This sounds like a bug thanks for reporting @duffrecords, I'll take a closer look at it when I have some time. |
|
I was able to get it to work by setting CONSUL_HTTP_ADDR to 'localhost:8500' but setting it to 'fqdn.of.consul.server:8500' only retrieves keys that are visible with the anonymous token. Apparently the tool is able to authenticate with the local Consul client but not directly with the Consul server itself (I'm running consul-snapshot on a different machine than the Consul server). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When I provide a management token in the CONSUL_HTTP_TOKEN environment variable, the resulting backup only contains the key/value pairs that I would see with an anonymous token. Using the same management token in the Consul web UI, I can see everything. I put some debug statements in the consul-snapshot code and confirmed the correct token is read with os.Getenv("CONSUL_HTTP_TOKEN") in consul-snapshot/vendor/github.com/hashicorp/consul/api/api.go.
The text was updated successfully, but these errors were encountered: