-
When you configure Vault with Auto-unseal, you get Recovery Keys.
The name itself makes a strong implication that their purpose is to recover Vault when the auto-unseal is down.
But actually thi…
-
**Is your feature request related to a problem? Please describe.**
HSMs are expensive and require Vault Enterprise. KMS solutions only work in the cloud. TPM-based auto-unseal would allow for auto-…
-
As opened in [hashicorp/vault#20338](https://github.com/hashicorp/vault/issues/20338), I'd like to use [Open Telekom Cloud KMS]() in order to auto-unseal Vault.
_Started a fork in order to try to i…
-
Vault can be auto unsealed by using the keys from aws kms. See #307. Credentials can be passed via kube2iam or via accessKey/SecretKey pair.
-
**Is your feature request related to a problem? Please describe.**
We need to plan for a scenario where someone accidentally deletes a KMS key, or KMS itself is inaccessible in a region or an account…
-
I'm using this module to deploy vault as part of the AWS EKS Blueprints Terraform solution. I noticed that this addon module doesn't currently support Auto Unseal of Hashi Vault. Does it make sense t…
-
When setting up vault with azure stack you have the option to provide a custom arm endpoint
https://www.vaultproject.io/docs/configuration/storage/azure#arm_endpoint
when setting up azure as the st…
-
every time I start the kind k8s cluster I need to unseal vault, check if it is possible to auto unseal it every time I restart kind
-
**Is your feature request related to a problem? Please describe.**
As it currently stands, once Bao is configured to use an auto-unseal mechanism, that mechanism is the _only_ way to unseal Bao. If t…
-
Is there an example of how to apply the transit auto-unseal variables with this role? I have a cluster with 3 vault servers in HA mode. Will like to implement transit auto-unseal through the role ins…