Presentation

Keybase Vault Auto-Unseal

Published 8:00 AM UTC Feb 26, 2020

In this talk, learn how to automatically unseal Vault clusters within a Keybase team.

When you want to automate the unsealing of your on-premise Vault clusters, how can you securely distribute Shamir unseal keys to the team so you can unseal your Vault when while on-call?

What You'll Learn

In this talk, learn how to automatically unseal Vault clusters within a Keybase team. The example demo uses Keybase.io in an automated Vault on Consul cluster with an Ansible/Vagrant environment to teach and practice.

Vagrant (tested on Mac)
Consul OSS
Vault OSS
Keybase (vault operator init, vault unseal, KBFS)
Ansible (Brian Shumate's roles, custom roles)
Packer (work in progress)

Slides

Sign up for the latest HashiCorp news

More resources like this one

4/11/2024
FAQ

Introduction to HashiCorp Vault

12/28/2023
FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

3/14/2023
Article

5 best practices for secrets management

2/3/2023
Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

View all resources