You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It would be cool to have the possibility to pass a kubeconfig and use kubernetes proxy verb. It will allow to unseal a kubernetes vault HA cluster from non kubernetes nodes.
🌧 Is your feature request related to a problem?
If you want to run an HA vault cluster exposed only in the cluster.
🔎 Describe alternatives you've considered
Exposing each pod with an ingress (I don't like the idea to expose something that is not needed).
Install vault-unseal in the cluster, I don't like the idea to run this software in the same cluster as my vault cluster. For example a compromise node (with a SSH key) can result in discovering vault unseal keys and secret in one time.
⚠ If implemented, do you think this feature will be a breaking change to users?
✨ Describe the feature you'd like
It would be cool to have the possibility to pass a kubeconfig and use kubernetes proxy verb. It will allow to unseal a kubernetes vault HA cluster from non kubernetes nodes.
🌧 Is your feature request related to a problem?
If you want to run an HA vault cluster exposed only in the cluster.
🔎 Describe alternatives you've considered
⚠ If implemented, do you think this feature will be a breaking change to users?
No
⚙ Additional context
No response
🤝 Requirements
The text was updated successfully, but these errors were encountered: