Vault Reference Architecture
This guide provides guidance in the best practices of Vault implementations through use of a reference architecture.
Day 1: Deploying Your First Vault Cluster with Consul
If you are responsible for setting up and maintaining a Vault cluster using Consul as storage backend, get started here.
Production Hardening
This tutorial provides guidance on best practices for a production hardened deployment of HashiCorp Vault.
Vault Deployment tutorial
This deployment tutorial covers the steps required to install and configure a single HashiCorp Vault cluster as defined in the Vault Reference Architecture
Vault High Availability with Consul
This tutorial will walk you through a simple Vault Highly Available (HA) cluster implementation. While this is not an exhaustive or prescriptive tutorial that can be used as a drop-in production example, it covers the basics enough to inform your own production setup.
Auto-unseal using AWS KMS
In this tutorial, we'll show an example of how to use Terraform to provision an instance that can utilize an encryption key from AWS Key Management Services to unseal Vault.
Auto-unseal using Azure Key Vault
This tutorial demonstrates an example for enabling Auto-unseal with Azure Key Vault.
Auto-unseal using GCP Cloud KMS
This tutorial demonstrates an example for enabling Auto-unseal with GCP Cloud KMS.
Auto-unseal using Transit Secrets Engine
An example for enabling Auto-unseal with Vault's Transit Secrets Engine.
Enterprise
HSM Integration - Seal Wrap
This tutorial demonstrates how Vault's seal wrap feature works to encrypt your secrets leveraging FIPS 140-2 certified HSM.
Enterprise
Disaster Recovery Replication Setup
This tutorial demonstrates step-by-step instruction of setting up disaster recovery (DR) replication.
Enterprise
Performance Replication with Paths Filter
This tutorial demonstrates how to selectively filter out secret mounts from being replicated across datacenters with performance replication.