Skip to content

Instantly share code, notes, and snippets.

View AJackTi's full-sized avatar
:electron:
Focusing

TrongDang AJackTi

:electron:
Focusing
View GitHub Profile
@AJackTi
AJackTi / content.md
Created September 18, 2023 07:31 — forked from Mishco/content.md
Setup HashiCorp Vault on docker

Setup HashiCorp Vault on docker

Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault is primarily used in production environments to manage secrets. Vault is a complex system that has many different pieces. There is a clear separation of components that are inside or outside of the security barrier. Only the storage backend and the HTTP API are outside, all other components are inside the barrier.

Vault_architecture

Figure 1: Architecture of Vault and Spring App (Click to enlarge)

The storage backend is untrusted and is used to durably store encrypted data. When the Vault server is started, it must be provided with a storage backend so that data is available across restarts. The HTTP API similarly must be started by the Vault server on start so that clients can interact with it.