HashiCorp Vault
Overview
Vault is an identity-based secret and credential manager with high levels of automation, availability, and capability.
Given all of this capability and the security involved, deploying Vault is a bit complex, but we'll try not to make it too complicated.[1]
Design
Reference design
The reference design for Vault's integrated storage mechanism, Raft, includes resilience against both node and availability zone failure.
Installation
Install the Vault cluster
HashiCorp provides a nice Helm chart for us to use,
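As an added example (not from the original page or from HashiCorp), here is a values file for that chart that matches the reference design above: Raft integrated storage, with server pods spread across nodes and zones. The release name, namespace, replica count, and TLS secret name and file names are assumptions.

```yaml
# values-ha.yaml: constructed example, not the page's or HashiCorp's own file.
# Assumed usage (release name "vault" and namespace "vault" are placeholders):
#   helm repo add hashicorp https://helm.releases.hashicorp.com
#   helm install vault hashicorp/vault -n vault --create-namespace -f values-ha.yaml
global:
  tlsDisable: false          # chart uses https for VAULT_ADDR and probes
server:
  # Assumption: a Secret named vault-server-tls holding vault.crt, vault.key
  # and vault.ca already exists; the chart mounts it under /vault/userconfig/.
  extraVolumes:
    - type: secret
      name: vault-server-tls
  extraEnvironmentVars:
    VAULT_CACERT: /vault/userconfig/vault-server-tls/vault.ca
  # The chart's default affinity already keeps server pods on separate nodes.
  # This adds an even spread across zones: with three zones, losing one zone
  # removes at most 2 of 5 voters and the remaining 3 still form a Raft quorum.
  topologySpreadConstraints:
    - maxSkew: 1
      topologyKey: topology.kubernetes.io/zone
      whenUnsatisfiable: DoNotSchedule
      labelSelector:
        matchLabels:
          app.kubernetes.io/name: vault
          app.kubernetes.io/instance: vault   # must match the release name
          component: server
  ha:
    enabled: true
    replicas: 5              # assumption: five voters over three zones
    raft:
      enabled: true
      setNodeId: true        # use the pod name as the Raft node_id
      config: |
        listener "tcp" {
          address         = "[::]:8200"
          cluster_address = "[::]:8201"
          tls_cert_file   = "/vault/userconfig/vault-server-tls/vault.crt"
          tls_key_file    = "/vault/userconfig/vault-server-tls/vault.key"
        }
        storage "raft" {
          path = "/vault/data"
          # Peers still have to join the cluster, either with retry_join
          # stanzas added here or with `vault operator raft join`.
        }
        service_registration "kubernetes" {}
```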
Examine state
Using Vault to provide ephemeral secrets
Next Steps
[1] https://utorontopress.com/9781442644878/its-not-complicated/