Skip to content

Shell script to install and configure Vault and SoftHSM2 for demonstration purposes

Notifications You must be signed in to change notification settings

kwagga/Vault_SoftHSM2

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Vault_SoftHSM2_Demo

Install and configure Vault and SoftHSM2 for demonstration purposes

This is a simple script that will install and configure a single Vault instance as well as SoftHSM2 on an Ubuntu VM.

A successful execution of the script should provide you with a Vault instance that auto-unseal using keys stored in a SoftHSM2 slot.

Disclaimer

Please do not use this for production employments. This is for lab/testing/demonstration purposes only.

Prerequisites

  • An x86_64 Ubuntu VM (VirtualBox, AWS, gcloud, etc) - Testing was done on Jammy Jellyfish - see the tf folder for a sandbox
  • Bash shell
  • Vault Enterprise License (HSM support is only available for Vault Enterprise)
  • Vault 1.17.1 Enterprise HSM now supports ARM. See tf_arm for an ARM sandbox based on Noble Numbat

Usage

Clone the repo

$ git clone https://github.com/kwagga/Vault_SoftHSM2.git
$ cd Vault_SoftHSM2

Insert Enterprise license

  • Populate vault.hclic with your license.

Make setup.sh executable and execute

$ chmod +x setup.sh
$ ./setup.sh

Post install

Vault Recovery keys and root token will be available in ~/unseal.keys

Useful commands

See demo_commands.md for more information.

About

Shell script to install and configure Vault and SoftHSM2 for demonstration purposes

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published