Auto seal Vault

Planning to use transit secret engine to auto unseal the second HashiCorp Vault (using Enterprise license). It there a way to auto seal the second Vault if the connection between the “master” Vault and the second Vault is down?

Hi oysteinhermansen,

Thank you for asking a question on the discussion forum.

If you enable sealwrap on the enterprise cluster, it should seal itself when the transit unsealing cluster is down or unreachable. This will only happen when something accesses sealwrapped values, but you could have a periodic job of some kind to provoke that. Out of curiosity, why you want this behaviour?


Just trying to document different usage scenarios for the Vault for compliance reasons.