I was evaluating the auto unseal feature released in vault recently with various cloud provider KMS, I was doing with AWS KSM and I was able to auto unseal the vault, post restart/stop&start vault processes.
I have used k8s platform to host vault server workload. Now since auto unseal is working as expected, i was looking to auto initialize the vault during initial startup, as i was doing it manually during initial setup. I googled about it and landed on below shared by Kelsey and Seth Vergo.
I have couple of questions about the whole process
- how we can auto initialize the vault server, process workflow
- How to retrieve the master key and recovery keys, in case of auto init