Skip to content

caiolombello/vault-provisioning

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits

.gitignore

.gitignore

 
 

README.md

README.md

 
 

ansible.cfg

ansible.cfg

 
 

key.tf

key.tf

 
 

provider.tf

provider.tf

 
 

provisioning.yml

provisioning.yml

 
 

security-group.tf

security-group.tf

 
 

terraform.tfvars

terraform.tfvars

 
 

vars.tf

vars.tf

 
 

vault-server.tf

vault-server.tf

 
 

Repository files navigation

Provisioning Vault Server on AWS EC2

Instance type: t4g.micro

Instance specs:

  • vCPUs: 2
  • Memory (GiB): 1 GiB
  • On-Demand hourly cost: 0.0084
  • 1YR Std reserved hourly cost: 0.0053
  • Monthly cost: $4.67

Usage:

  1. Set your AWS credentials as environment variables: AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

  2. If you want to change the instance type set the Terraform variable value in a file named terraform.tfvars

    # EC2 Instance Type
instance_type = "t4g.micro"

  3. Run Terraform:

    # Pull necessary plugins
$ terraform init

$ terraform plan

$ terraform apply -auto-approve

  4. Run Ansible to provision Vault Server

    $ ansible-playbook -i "hosts" provisioning.yml

  5. On the server instance, run the following commands:

    # Initialize Vault
$ vault operator init -stored-shares=1 -recovery-shares=1 \
        -recovery-threshold=1 -key-shares=1 -key-threshold=1 > key.txt
# Vault should've been initialized and unsealed
$ vault status
# Log in with initial root token
$ vault login $(grep 'Initial Root Token:' key.txt | awk '{print $NF}')

  6. Clean up

    $ terraform destroy -force
$ rm -rf .terraform terraform.tfstate*

About

Provisioning my own Vault Server on AWS with Ansible and Terraform

Topics

aws ansible vault terraform aws-ec2 vault-server

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Languages