docs/doc/source/security/kubernetes/security-vault-overview.rst
Ron Stone f424ea5aa1 Vault updates (r8,dsR8)
Add links to the Vault developer documentation.

Signed-off-by: Ron Stone <ronald.stone@windriver.com>
Change-Id: I8884a38618f22937afbde328fca3f5e193802dc1
2023-04-12 20:39:33 +00:00


Vault Overview

integrates open source Vault containerized security application (Optional) into the solution, that requires as a storage backend to be enabled.

Vault is a containerized secrets management application that provides encrypted storage with policy-based access control and supports multiple secrets storage engines and auth methods.

includes a Vault-manager container to handle initialization of the Vault servers. Vault-manager also provides the ability to automatically unseal Vault servers in deployments where an external autounseal method cannot be used. For more information, see https://www.vaultproject.io/.

There are two methods for using Vault secrets with hosted applications:

  • The first method is to have the application be Vault Aware and retrieve secrets using the Vault REST API. This method is used to allow an application to write secrets to Vault, provided the applicable policy gives write permission at the specified Vault path.

    For more information, see Vault Aware <vault-aware>.

  • The second method is to have the application be Vault Unaware and use the Vault Agent Injector to make secrets available on the container filesystem.

    For more information, see Vault Unaware <vault-unaware>.
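
The Vault Aware method described above, sketched as an added example that is not part of the original documentation or the project's code: a pod logs in over the Vault REST API, reads a secret, and finds out whether its policy permits a write at a given path. It assumes the Kubernetes auth method is mounted at `kubernetes` and a KV version 2 secrets engine at `secret`; the `VaultClient` class, role names and secret paths are hypothetical.

```python
import json
import urllib.error
import urllib.request

# Standard location of the pod's service account token inside a Kubernetes container.
SA_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/token"

class VaultClient:
    """Minimal Vault-aware client; mount names are assumptions, not project defaults."""

    def __init__(self, addr, opener=urllib.request.urlopen):
        self.addr, self.token, self._open = addr.rstrip("/"), None, opener

    def _call(self, method, path, body=None):
        headers = {"Content-Type": "application/json"}
        if self.token:
            headers["X-Vault-Token"] = self.token
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(f"{self.addr}/v1/{path}", data=data,
                                     headers=headers, method=method)
        try:
            with self._open(req, timeout=10) as resp:
                raw = resp.read()
                return resp.status, (json.loads(raw) if raw else {})
        except urllib.error.HTTPError as err:
            return err.code, {}  # keep response bodies and tokens out of logs

    def login_kubernetes(self, role, jwt=None, mount="kubernetes"):
        # Exchange the pod's service account JWT for a Vault token.
        if jwt is None:
            with open(SA_TOKEN_PATH) as fh:
                jwt = fh.read().strip()
        status, out = self._call("POST", f"auth/{mount}/login", {"role": role, "jwt": jwt})
        if status != 200:
            raise PermissionError(f"Vault login failed: HTTP {status}")
        self.token = out["auth"]["client_token"]

    def read_secret(self, path, mount="secret"):
        # KV version 2 nests the key/value pairs under data.data.
        status, out = self._call("GET", f"{mount}/data/{path}")
        if status != 200:
            raise LookupError(f"read of {path} failed: HTTP {status}")
        return out["data"]["data"]

    def write_secret(self, path, values, mount="secret"):
        # Returns False when the token's policy lacks write permission on this path.
        status, _ = self._call("POST", f"{mount}/data/{path}", {"data": values})
        if status == 403:
            return False
        if status not in (200, 204):
            raise RuntimeError(f"write to {path} failed: HTTP {status}")
        return True
```

The default opener verifies the server certificate, so the CA that issued the Vault server certificate must be trusted by the container.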