Vault Authentication to AWS for automated snapshots to s3 bucket


Trying to set up automated snapshots to s3 bucket (version: 1.8.0_ent). Reading the docs, it seems like an option is to put AWS credentials into these fields during configuration:


However, this is not going to be possible. Is there any other mechanism that Vault can utilize to access the s3 bucket?

What do you mean it is not possible? If your Vault is in AWS, you can assign the IAM role to the instances themselves. Otherwise:

You set it up via this API. It’s a JSON file that you put and that’ll tell vault what credentials to use.

I mean that it is not going to be possible to pass AWS credentials this way in my infra. IAM role is the way to go, I guess. I missed that.