I’m working on a setup with a vault cluster and a master Vault for auto unsealing via the Transit Secret engine. According to the documentation https://www.vaultproject.io/docs/concepts/seal.html#auto-unseal the master key is stored in the backend storage. I have two questions:
- Which vault contains the master key (I guess this would be the master vault)?
- Can I somehow retrieve the master key from the vault?