Raoof Mohammed
Raoof Mohammed
Vault can be auto unsealed by using the keys from aws kms. See #307. Credentials can be passed via kube2iam or via accessKey/SecretKey pair.
Vault should be auto initialized and the keys should be sent to aws kms. Either kube2iam be used to pass the aws credentials or accessKey/SecretKey pair can be used too....
It would be great to have a way to specify a secondary vault cluster running in a different region(DC) via vault-operator. Similar to what vault has as a secondary performace/DR...
health check for standby returns a failure status code, causing the second vault instance in HA to be marked as failed, which in turn causes deployment to fail. This fixes...
health check for standby returns a failure status code, causing the second vault instance in HA to be marked as failed, which in turn causes deployment to fail. https://github.com/coreos/vault-operator/blob/master/pkg/util/k8sutil/vault.go#L189 and...
vault recommends to use 'vault audit enable' as audit-enable command is deprecated and will be removed in 0.11. https://github.com/hashicorp/vault/blob/master/command/commands.go#L578
As of now we cannot configure the path for etcd storage backend and it defaults to vault/
Add a helm chart for vault-operator just like https://github.com/coreos/prometheus-operator/tree/master/helm/prometheus-operator. The prometheus one was of great help.