Hashicorp Vault Open Source
HashiCorp Vault is a secrets management solution that brokers access for both humans and machines, through programmatic access, to systems. Secrets can be stored, dynamically generated, and in the case of encryption, keys can be consumed as a service without the need to expose the underlying key materials. The open source version of the Vault is a production grade secrets management system that could be integrated with your CI/CD pipeline or with any other application that requires highly secured dynamic management of secrets.
- AMI built with the latest, stable version of Hashicorp Vault.
- AMI compatible for spinning up nodes to run Vault on a single node or in a cluster.
- AMI is built on a patched operating system and the node created from this is ready to be deployed in production.
- When an EC2 node spun up from this AMI, Vault service is up and running.
- SSH into the newly spun up node to initialize vault.
- If TLS needs to be enabled (recommended configuration if the instance is used in production) install certificates.
- Vault web UI is only accessible on the localhost. Install a reverse proxy if remote access needs to be accessed.
- The Vault service can be managed using
servicecommand. Look up the status to check the location of executable and the configuration file.
Click on the links below to take you to Amazon Marketplace for spinning up EC2 nodes.
- Apache Cassandra Node AMI for Amazon Linux 2
- Apache Cassandra Node AMI for CentOS 7
- Apache Cassandra Node AMI for CentOS 8
- Apache Cassandra Node AMI for Red Hat Enterprise Linux 7
- Apache Cassandra Node AMI for Red Hat Enterprise Linux 8
- Apache Cassandra Node AMI for Fedora 31
- Apache Cassandra Node AMI for Debian 10
- Apache Cassandra Node AMI for Ubuntu 16.04
- Apache Cassandra Node AMI for Ubuntu 18.04
- Apache Cassandra Node AMI for Ubuntu 20.04
- When an EC2 node spun up from this AMI, Vault API service would be up and running on port 8200.
- On platforms supporting systemd the
vaultservice can managed using standard steps:
$ sudo systemctl [start|stop|status] vault.service
On older Linux platforms like Amazon Linux 2018, standard vault service is available to manage the service:
$ sudo service vault [start|stop|status]
Kurian releases latest, stable versions of open source software on popular Linux distributions. If you need a configuration that is not currently available in marketplace, send us your requirements to contact@kurianinc.us. Please include the following info in the email:
- Name of Software with version numbers that need to be released as AMIs.
- Linux distribution and the version.
- The EC2 instance type that you plan to spin up using the AMI (optional).
Follow official documentation for the directions for any upgrades.
- The Cassandra service is
cassandra, and it can be managed using standard options available for a Linux service. See the last section also. - The application can be maintained following the official documents.
- Kurian can help with configuring the application for your specific needs using this AMI. Contact us with details to contact@kurianinc.us
Following are the standard AWS defined users available for SSH when a node is provisioned:
- Amazon Linux: ec2-user
- Red Hat Linux: ec2-user
- SuSE Linux: ec2-user
- Fedora: fedora
- CentOS: centos
- Debian Linux: admin
- Ubuntu: ubuntu
- 05/24/2021 - Initial release on Debian 10, Ubuntu 16.04/18.04/20.04, Amazon Linux 2, CentOS 7.9/8.3, RHEL 7 and 8, Fedora 31. Not supported on Amazon Linux 2018, SUSE Linux platforms.
© 2015-2021 Kurian, Inc. All Rights Reserved.