https://github.com/duaraghav8/vault-setup

Minimal setup for a production-grade Vault cluster
https://github.com/duaraghav8/vault-setup

aws devops secret-management security vault

Last synced: 9 months ago
JSON representation

Minimal setup for a production-grade Vault cluster

• Host: GitHub
• URL: https://github.com/duaraghav8/vault-setup
• Owner: duaraghav8
• Created: 2019-05-12T11:07:01.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2019-07-28T04:48:41.000Z (over 6 years ago)
• Last Synced: 2025-03-15T23:42:06.965Z (about 1 year ago)
• Topics: aws, devops, secret-management, security, vault
• Language: HCL
• Homepage:
• Size: 27.3 KB
• Stars: 0
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# vault-setup

This repository demonstrates setup for a minimal production-grade [Vault](https://www.vaultproject.io/) cluster. I made it for my own practice.

1. Run Packer with `ami/vault.json` to build the AMI. This AMI will be used to create Vault servers.

2. Run Terraform inside `infrastructure/` to build a High-Availability Vault cluster with DynamoDB as Storage backend.

3. Use AWS Session Manager to get Shell access inside one of the Vault machines. Post initialization, Vault should be unsealed automatically via AWS KMS.

4. Head to `configuration/` to configure Vault in automation. Vault cluster's address and root token need to be supplied to this module in order to configure the cluster.

See documentation inside a specific directory for details on that step.