Open erez-work opened 4 years ago
This is already available. You need the following config for the helm chart:
server:
extraEnvironmentVars:
AZURE_TENANT_ID: xxx
VAULT_AZUREKEYVAULT_VAULT_NAME: xxx
VAULT_AZUREKEYVAULT_KEY_NAME: unseal-key
VAULT_SEAL_TYPE: azurekeyvault
extraSecretEnvironmentVars:
- envName: AZURE_CLIENT_ID
secretName: my-secret
secretKey: AZURE_CLIENT_ID
- envName: AZURE_CLIENT_SECRET
secretName: my-secret
secretKey: AZURE_CLIENT_SECRET
Is your feature request related to a problem? Please describe. I want the vault to be auto unsealed when a Kubernetes pod running the vault restarts.
Describe the solution you'd like Best solution would be helm chart values, similar to Google KMS or Amazon EKS as described here: https://www.vaultproject.io/docs/platform/k8s/helm/run#google-kms-auto-unseal