According to comments in the cnf file hashicorp_key_management.cnf, hashicorp-key-management-vault-url must always contain /v1/:
- HTTP[s] URL that is used to connect to the Hashicorp Vault server.
- It must include the name of the scheme ("https://" for a secure
- connection) and, according to the API rules for storages of the
- key-value type in Hashicorp Vault, after the server address, the
- path must begin with the "/v1/" string (as prefix), for example:
It is good that the cnf template mentions it, but it should also be mentioned in the documentation.
Moreover, if it's cut in stone, maybe the plugin could include it into the parameter verification and throw an error if the URL doesn't contain it.