Vault: mysql secrets- is too long for user name (should be no longer than 16)
Describe the bug
It throws error
Error reading database/creds/my-role: Error making API request.
URL: GET http://127.0.0.1:8200/v1/database/creds/my-role
Code: 500. Errors:
* 1 error occurred:
* Error 1470: String 'v-root-my-role-04yrqqq9psw9282p5' is too long for user name (should be no longer than 16)
To Reproduce
Steps to reproduce the behavior:
- Run
vault write database/roles/my-role db_name=my-mysql-database creation_statements="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}';GRANT SELECT ON *.* TO '{{name}}'@'%';" default_ttl="20s" max_ttl="1m"
Output:
Success! Data written to: database/roles/my-role
Expected behavior
The mysql user should be of less than 16 char or there should be other way to specify the number of character
Environment:
- Vault Server Version (retrieve with
vault status): 0.10.1 - Vault CLI Version (retrieve with
vault version): Vault v0.10.1 ('756fdc4587350daf1c65b93647b2cc31a6f119cd') - Server Operating System/Architecture: Ubuntu18.04 - 64
PS: It works fine the same way with deprecated MySQL Secrets Engine.
dwdraju
All 3 comments
The mysql-legacy-database-plugin plugin type exists for this exact reason, could you try using that version?
briankassouf
on 21 May 2018
👍1
Oh, mysql-legacy-database-plugin is working fine. So, the update on mysql-database-plugin is on way? Or there is other way to use it? Thanks. @briankassouf
dwdraju
on 21 May 2018
There are no plans to update mysql-database-plugin for this issue. mysql-legacy-database-plugin is exactly the same except it is compatible with older versions of MySQL.
briankassouf
on 21 May 2018
👍2
Was this page helpful?
0 / 5 - 0 ratings
Related issues
pbolle
路
3Comments
gtmtech
路
3Comments
0x9090
路
3Comments
maxsivanov
路
3Comments
andris9
路
3Comments
Most helpful comment
There are no plans to update
mysql-database-pluginfor this issue.mysql-legacy-database-pluginis exactly the same except it is compatible with older versions of MySQL.