It doesn’t appear that HashiCorp vault offers a managed solution and as a result, I will have to roll my own. This is subjective but how are you managing secure access to your internal users?
- Are you creating DNS e.g. vault.domain.com and restricting access to this through VPN?
- Are you creating DNS e.g. vault.domain.com and restricting access to this via IP range?
I’m looking for suggestions on securing the vault stack and ensuring that a handful of users can log in and create secrets as needed.