I am using Kubernetes authentication in Vault.
Also, I am using Auto unseal using AWS KMS.
I want to use same vault in new Kubernetes cluster. So, I have to set new Kubernetes auth config in Vault.
The problem is that I am not able to do that as I do not have access to root key to perform this operation. Is there any other workaround?
Another option is that
- I create a new Vault instance
- I take backup of all secret data from old vault and put it back to new Vault. But it is going to be painful exercise.
Please let me know what I can do here.