High Availability Vault with DynamoDB in Kubernetes

HUG community member Vinh Quoc Nguyen shares his method for running HA Vault on AWS's DynamoDB service in Kubernetes.

HashiCorp Vault is well-known and popular, but sometimes you need extra guidelines to help run it properly in a very specific production environment. This talk will guide users through the process of setting up Vault with auto-unseal using AWS KMS as well as running Vault in high availability (HA) mode with DynamoDB and secret versioning. User authentication will be set up with Duo, Kubernetes service account Duo, and we'll hook up Docker custom entrypoints to get secrets dynamically.

This talk was part of the first HashiTalks online event, a 24-hour continuous series of presentations from the worldwide HashiCorp User Group (HUG) community and from HashiCorp engineers as well. The event took place from February 21-22, 2019.
