I have installed latest version of Hashicorp Vault(Version 1.12.1) with Mysql as a backend database in AWS cloud.
I spin up a database instance using the mysqldump/snapshot of running Vault database engine and I am unable to see the secrets in new Vault. It is completely new and fresh vault though I used previous DB snapshot.
Is it possible to see secrets, if we use snapshot of existing DB and create new Vault ??
Please guide me here.
Yes, it is possible.
But all you’ve told us is that it doesn’t work - with so little detail, it’s not possible to suggest a cause.
Thanks for the quick response.
We have Vault deployed in production and are utilizing a MySQL database as our storage backend. Various secrets are stored within it.
For disaster recovery, we planned to set up a new Vault using a database snapshot of the production Vault database. However, upon installing the Vault, I am unable to view the old data or secrets.
Could you please help me understand the issue or guide me on how to do this?
I do not believe I will be able to understand the issue or guide you as all you are telling me is that it didn’t work. This is simply not enough information to go on.
This is a community help forum - not a place to recruit consultants.
Hi @maxb , I’m facing a similar issue.
The setup I use is like this… We have a MySQL DB and a containerized vault-1.11.1 pod that runs on K8’s.
Recently I had to perform a data migration and during this I took a backup of MySQL (vault) DB using the mysqldump command. When I restored the same in my new environment and brought up the vault pod and did "vault kv get “/secret-path/” " . I got a error message saying “ERROR- Vault is already initialized”
I checked the “vault operator status” and it was not sealed. I then ran “vault init”— Got the same error as mentioned above.
Same error I got, and I am unable to see the secrets from mysql dump.