unseal vault kms aws code example

Example: autouseal using awskms in vault

/*AutoUnseal with AWS KMS
In your config file mention below line*/ 

seal "awskms" {}

#Set below environment Variables with values
##################VAULT ENVIRONMENT VARIABLES###########################
VAULT_API_ADDR=http:<URL:PORT>
VAULT_ADDR=http:<URL:PORT>
VAULT_AWSKMS_SEAL_KEY_ID=<YOUR_KMS_ID>
##################AWS ENVIRONMENT VARIABLES#############################
AWS_REGION=<YOUR_REGION>
AWS_ACCESS_KEY_ID=<YOUR_ACCESS_KEY>
AWS_SECRET_ACCESS_KEY=<YOUR_SECRET_KEY>

#Start the read from the config file

vault server -config <HCL CONFIG FILE NAME>
  
/* First time you need to unseal it so that it can migrate it from manual to autounseal*/
 vault operator unseal -migrate

Tags:

Php Example