Vault Unseal Key

Bridgecrew Policy ID: BC_GIT_71
Chekov Check ID: CKV_SECRET_71
Severity: LOW

Vault Unseal Key

Description

When a Vault server is started, it starts in a sealed state. In this state, Vault is configured to know where and how to access the physical storage, but doesn't know how to decrypt any of it. Unsealing is the process of obtaining the plaintext root key necessary to read the decryption key to decrypt the data, allowing access to the Vault.

Fix - Git

TBD


Did this page help you?