
Secrets management with HashiCorp Vault can use Microsoft Azure managed identities to ease the operational burden of Vault cluster availability: Part 2 in a series.

In part 1, we learned about Microsoft Azure managed identities, how they work, how to provision them with HashiCorp Terraform, and how HashiCorp’s Packer and Terraform can use them to authenticate against Azure.

You can use Azure Key Vault to store the unseal key.

If you host a Vault deployment in Azure, you can use Azure managed identity for Vault to authenticate against Azure and gain access to the unseal key in Azure Key Vault. You can also set the tenant ID and the Azure Key Vault name and key using environment variables.

When you use a managed identity and set the environment variables, you can have an empty seal stanza within Vault’s configuration file.

For more on auto unseal for Azure Key Vault, check out our Learn tutorial.
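The setup described above, as an added example that is not code from the original article: the environment variables Vault's `azurekeyvault` seal reads, an empty seal stanza, and a preflight check that the settings are complete and that no static client secret has been configured alongside the managed identity. The function names, file location and all values are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the article. Function names and values are
# constructed; the variable names are Vault's azurekeyvault seal settings.

# Write the seal part of a Vault config file: an empty stanza, because the
# tenant, vault and key come from the environment and the credential comes
# from the managed identity. The rest of the config is omitted here.
write_seal_config() {
  cat > "$1" <<'EOF'
seal "azurekeyvault" {
}
EOF
}

# Return 0 only if the seal settings are complete and no static service
# principal secret is present in the environment or the config file.
preflight_seal() {
  _cfg="$1"; _rc=0
  for _v in AZURE_TENANT_ID VAULT_AZUREKEYVAULT_VAULT_NAME \
            VAULT_AZUREKEYVAULT_KEY_NAME; do
    eval "_val=\${$_v:-}"
    [ -n "$_val" ] || { echo "missing: $_v" >&2; _rc=1; }
  done
  if [ -n "${AZURE_CLIENT_SECRET:-}" ]; then
    echo "AZURE_CLIENT_SECRET is set: static credential, not managed identity" >&2
    _rc=1
  fi
  if grep -Eq '^[[:space:]]*client_secret[[:space:]]*=' "$_cfg"; then
    echo "client_secret found in $_cfg" >&2; _rc=1
  fi
  grep -Eq '^[[:space:]]*seal[[:space:]]+"azurekeyvault"' "$_cfg" ||
    { echo "no azurekeyvault seal stanza in $_cfg" >&2; _rc=1; }
  return "$_rc"
}

# Constructed sample values.
export AZURE_TENANT_ID="00000000-0000-0000-0000-000000000000"
export VAULT_AZUREKEYVAULT_VAULT_NAME="example-keyvault"
export VAULT_AZUREKEYVAULT_KEY_NAME="example-unseal-key"
conf="$(mktemp)"
write_seal_config "$conf"
preflight_seal "$conf" && echo "seal preflight ok"
```

Running the check before starting Vault catches a missing variable or a leftover client secret early, instead of at the first unseal attempt.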
