relaycorp / cloud-gateway

Infrastructure as Code and configuration for all Awala-Internet Gateways run by Relaycorp

MIT License

1 stars 1 forks source link

Replace HashiCorp Vault with GCP KMS #85

Closed gnarea closed 2 years ago

gnarea commented 2 years ago

Describe the problem

Vault is a complex system to maintain, especially in production, as it uses many Kubernetes resources, a GCS bucket and a KMS keyring.

Describe the solution you'd like

Use GCP KMS in production, whilst keeping Vault in development.

This is what we'd need to do:

[x] https://github.com/relaycorp/relayverse/issues/37
[x] Integrate the new private key store in the gateway
[ ] Release new gateway version to production.

Additional context