Category: Business, Security, Data, Microsoft, Kubernetes, Infrastructure, Hashicorp, encryption, github, automation

A fully managed platform to automate infrastructure on any cloud with HashiCorp products. The new approach is zero trust security: assume that the network perimeter is not secure — trust nothing and authenticate and authorize everything.

For instances where organizations need to bring their own key to the cloud, the Vault Key Management secrets engine (KMSE) supports lifecycle management of keys in named Azure Key Vault instances.

If Vault is running on Azure, you can store a master key in Azure Key Vault and leverage a managed service identity to automatically unseal Vault.

When creating virtual disks for a VM that will use Vault, the best practice is to add a further security layer by using Azure Key Vault to generate a Key Encryption Key (KEK) to encrypt the virtual disks.
