32 lines
771 B
Markdown
32 lines
771 B
Markdown
# Vault Auto-unseal using AWS KMS
|
|
|
|
These assets are provided to perform the tasks described in the [Vault Auto-unseal with AWS KMS](https://learn.hashicorp.com/vault/operations/ops-autounseal-aws-kms) guide.
|
|
|
|
---
|
|
|
|
## Demo Steps
|
|
|
|
### Setup
|
|
|
|
1. Set this location as your working directory
|
|
1. Set your AWS credentials as environment variables: `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
|
|
1. Set Vault Enterprise URL in a file named `terraform.tfvars` (see `terraform.tfvars.example`)
|
|
|
|
### Commands Cheat Sheet
|
|
|
|
```bash
|
|
# Pull necessary plugins
|
|
$ terraform init
|
|
|
|
$ terraform plan
|
|
|
|
# Output provides the SSH instruction
|
|
$ terraform apply
|
|
|
|
#----------------------------------
|
|
|
|
# Clean up...
|
|
$ terraform destroy -force
|
|
$ rm -rf .terraform terraform.tfstate* private.key
|
|
```
|