ansible-vault
ansible-vault copied to clipboard
ansible-community
:key: Ansible role for Hashicorp Vault
Can someone please walk me through the process of enabling TLS communications using this role? I tried enabling it, but I am still missing something and the main config file...
I was a bit suprised that the API check uses the ip address of a vault host instead of the FQDN. Is there specific reasoning behind this? As it uses...
Thanks.
Var used to enable or disable the use of the default instance service account, on gcp kms auto-unseal 😉 Follows the same pattern/behavior as the [vault_gcs_copy_sa](https://github.com/ansible-community/ansible-vault#vault_gcs_copy_sa) var. Also the default...
Prior to this PR, `vault_api_addr` and `vault_cluster_addr` were defined using the IPv4 address of the default interface of the host. Moreover, a variable named `vault_hostname` was used to run the...
Fixes https://github.com/ansible-community/ansible-vault/pull/227 , also useful for setting `disable_performance_standby=true` for vault enterprise , and probably a ton of other options !
Just upgraded to Vault 1.10.3 Enterprise. I read this message in the Vault log: `2022-06-03T16:11:53.387-0400 [WARN] unknown or unsupported field tls_prefer_server_cipher_suites found in configuration at /etc/vault.d:20:3` It's just a warning,...
While reviewing the official [Hashicorp Vault Hardening guidelines](https://learn.hashicorp.com/tutorials/vault/production-hardening), I found a difference between in the [systemd unit of this repository](https://github.com/ansible-community/ansible-vault/blob/master/templates/vault_service_systemd.j2#L24) and the official units installed with [hashicorp linux packages](https://github.com/hashicorp/vault/blob/main/.release/linux/package/usr/lib/systemd/system/vault.service#L20). One...
Metadata
Owner
Metadata
:key: Ansible role for Hashicorp Vault