» Vault Operations
Vault Operations guides address Vault infrastructure discussions. These guides are designed to help the operations team to plan and install a Vault cluster that meets your organization's needs.
Vault Reference Architecture guide provides guidance in the best practices of Vault Enterprise implementations through use of a reference architecture. This example is to convey a general architecture, which is likely to be adapted to accommodate the specific needs of each implementation.
[Enterprise Only] Mount Filter guide demonstrates how to selectively filter out secret engines from being replicated across clusters. This feature can help organizations to comply with General Data Protection Regulation (GDPR).
[Enterprise Only] Vault Auto-unseal using AWS Key Management Service (KMS) guide demonstrates an example of how to use Terraform to provision an instance that utilizes an encryption key from AWS Key Management Service (KMS).
[Enterprise Only] Seal Wrap / FIPS 140-2 guide demonstrates how Vault's seal wrap feature works to encrypt your secrets leveraging FIPS 140-2 certified HSM.
Root Token Generation guide demonstrates the workflow of regenerating root tokens. It is considered to be a best practice not to persist the initial root token. If a root token needs to be regenerated, this guide helps you walk through the task.
Rekeying & Rotating guide provides a high-level overview of Shamir's Secret Sharing Algorithm, and how to perform rekey and rotate operations in Vault.
Building Plugin Backends guide provides steps to build, register, and mount non-database external plugin backends.