upamune / vault-initializer

[WIP] Automate the initialization and unsealing of HashiCorp Vault on Amazon Web Services or Google Cloud Platform.

vault-initializer

This is a port of vault-init to AWS/GCP.

Usage

The vault-initializer service is designed to run alongside a Vault server and communicate with it over localhost.

Configuration

The vault-initializer service supports the following environment variables for configuration:

  • CHECK_INTERVAL - The time in seconds between Vault health checks. (default: 300s)
  • VAULT_ADDR - Address of the Vault service. (default: https://127.0.0.1:8200)
  • KMS_KEY_ID - The Google Cloud KMS or AWS KMS key ID used to encrypt and decrypt the Vault master key and root token.
  • REGION - Region of AWS KMS/S3 or GCP KMS/GCS.
  • S3_BUCKET_NAME - The Amazon S3 bucket where the Vault master key and root token are stored.
  • GCS_BUCKET_NAME - The Google Cloud Storage bucket where the Vault master key and root token are stored.
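
The following is an added example, not code from the vault-initializer project: a Go loader that reads the variables above and refuses to start on an ambiguous or risky configuration. The `Config` type, the `LoadConfig` function, the integer-seconds parsing of CHECK_INTERVAL, and the rule that VAULT_ADDR must be HTTPS on a loopback address are all assumptions made for illustration.

```go
package main

import (
	"errors"
	"log"
	"net"
	"net/url"
	"os"
	"strconv"
	"time"
)

type Config struct { // hypothetical type mirroring the environment variables listed above
	CheckInterval                                    time.Duration
	VaultAddr, KMSKeyID, Region, S3Bucket, GCSBucket string
}

// LoadConfig reads the variables through getenv and fails closed on anything ambiguous.
func LoadConfig(getenv func(string) string) (*Config, error) {
	c := &Config{CheckInterval: 300 * time.Second, VaultAddr: "https://127.0.0.1:8200"}
	c.KMSKeyID, c.Region = getenv("KMS_KEY_ID"), getenv("REGION")
	if v := getenv("CHECK_INTERVAL"); v != "" {
		n, err := strconv.Atoi(v) // assumption: a plain integer number of seconds
		if err != nil || n <= 0 {
			return nil, errors.New("CHECK_INTERVAL must be a positive number of seconds")
		}
		c.CheckInterval = time.Duration(n) * time.Second
	}
	if v := getenv("VAULT_ADDR"); v != "" {
		c.VaultAddr = v
	}
	u, err := url.Parse(c.VaultAddr) // assumption: secrets cross this link, so require TLS to loopback
	if err != nil || u.Scheme != "https" || (u.Hostname() != "localhost" && !net.ParseIP(u.Hostname()).IsLoopback()) {
		return nil, errors.New("VAULT_ADDR must be an https URL on a loopback address")
	}
	s3, gcs := getenv("S3_BUCKET_NAME"), getenv("GCS_BUCKET_NAME")
	if c.KMSKeyID == "" || c.Region == "" || (s3 == "") == (gcs == "") {
		return nil, errors.New("need KMS_KEY_ID, REGION and exactly one of S3_BUCKET_NAME or GCS_BUCKET_NAME")
	}
	c.S3Bucket, c.GCSBucket = s3, gcs // exactly one is non-empty and selects the cloud provider
	return c, nil
}

func main() {
	cfg, err := LoadConfig(os.Getenv)
	if err != nil {
		log.Fatal("config error: ", err)
	}
	log.Printf("%+v", *cfg)
}
```

Requiring exactly one bucket variable prevents the encrypted master key and root token from being written to a storage backend the operator did not intend.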

License: MIT License


Languages: Go 98.0%, Dockerfile 2.0%