I’ve set up a Vault using Google Cloud Run, Cloud Storage and Key Management. It is deployed with Pulumi (similar to Terraform) so the setup is extremely repeatable.
As far as I can tell, this is a “secure” setup and should be very reliable, although it is not technically HA. However, regarding the security, I don’t think I know what I don’t know… I’d love to get some feedback from the community on this setup, and on whether you see any major issues with its security or other issues to watch out for when running on Google Cloud Run. Basically, what should I look out for with this architecture?
Is it safe to run Vault like this on the public internet without HTTP authorization or is that a no-no?