Breaking News: Grepper is joining You.com. Read the official announcement!
Check it out

Unsealing with Auto Unseal

Add Answer
Sumit Rawal answered on June 5, 2023 Popularity 1/10 Helpfulness 1/10

Contents

  • answer Unsealing with Auto Unseal

    • More Related Answers

  • Unsealing with Transit Auto Unseal

    • Unsealing with Auto Unseal

    Comment
    0

    Auto Unseal uses a cloud or on-premises HSM to decrypt the Master key

    • Vault configuration file identifies the particular key to use for decryption

    • Cloud Auto Unseal automatically unseals Vault upon service or node restart

    without additional intervention

    • Available in both open source and Enterprise editions

    • Formally an Enterprise-only feature until Vault 1.0

    storage "consul" {

    address = "127.0.0.1:8500"

    path = "vault/"

    }

    listener "tcp" {

    address = "0.0.0.0:8200"

    cluster_address = "0.0.0.0:8201"

    }

    seal "awskms" {

    region = "REGION"

    kms_key_id = "KMSKEY"

    }

    api_addr = "https://IPADDRESS:8200"

    ui = true

    seal “awskms” – identifies the type of seal mechanism for the cluster

    region = “REGION” – identifies the region where the KMS key resides

    kms_key_id = “KMSKEY” – identifies the actual KMS key in AWS 

    Popularity 1/10 Helpfulness 1/10 Language whatever
    Source: Grepper
    Tags: auto whatever
    Link to this answer
    Share Copy Link
    Sumit Rawal
    Contributed on Jun 05 2023
    Sumit Rawal
    0 Answers  Avg Quality 2/10

    X

    Continue with Google

    By continuing, I agree that I have read and agree to Greppers's Terms of Service and Privacy Policy.
    X
    Grepper Account Login Required

    Oops, You will need to install Grepper and log-in to perform this action.