I’m trying to use vault in my concourse pipelines. I already have an approle setup in vault and have specified all the needed parameters in my concourse configuration (
CONCOURSE_VAULT_AUTH_PARAM, etc). When the task tries to pull the secrets from vault, I get the error:
failed to interpolate task config: Finding variable 'foo': secrets "pipeline.foo" is forbidden: User "system:serviceaccount:default:concourse-web" cannot get resource "secrets" in API group "" in the namespace "concourse-team_name"
Any help would be greatly appreciated.