ansible-vault icon indicating copy to clipboard operation
ansible-vault copied to clipboard

Published 20 hours ago verified publisher icon ansible-community

Help with transit auto-unseal example

Open vacquah opened this issue 1 year ago • 6 comments

Is there an example of how to apply the transit auto-unseal variables with this role? I have a cluster with 3 vault servers in HA mode. Will like to implement transit auto-unseal through the role instead of doing it manually. I am confused about how/where to get the token from in the first place.

Is this enough on each vault server node to get it setup?

    vault_transit: true
    vault_transit_address: http://127.0.0.1:8200  ???
    vault_transit_token: '' ????
    vault_transit_disable_renewal: false
    vault_transit_key_name: 'autounseal'
    vault_transit_mount_path: "transit/"
    vault_transit_tls_skip_verify: true

vacquah avatar Dec 14 '22 21:12 vacquah