Thank you for the video and for answering the multi-region question below. Thumbs-up!. A few suggestions: 1. Point the viewers to the fact when auto unseal is configured Vault generates "Recovery" keys, and NOT "Unseal" keys 2. Explain how the auto unseal works - at startup Vault will connect to the device or service implementing the seal and ask it to decrypt the root key Vault read from storage.
KMS keys are regional that means you can't use outside the region in which they are created, instead copy the key to different regions and use it. Alternatively create MRK multi regional key, replicate to diff region and use it. Hope this helps. Pls subscribe if not, keep learning
Thank you for the video and for answering the multi-region question below. Thumbs-up!. A few suggestions:
1. Point the viewers to the fact when auto unseal is configured Vault generates "Recovery" keys, and NOT "Unseal" keys
2. Explain how the auto unseal works - at startup Vault will connect to the device or service implementing the seal and ask it to decrypt the root key Vault read from storage.
Thank you George
Hi Sir, KMS key is region specific , if you want to use it in another region in that case?
KMS keys are regional that means you can't use outside the region in which they are created, instead copy the key to different regions and use it. Alternatively create MRK multi regional key, replicate to diff region and use it. Hope this helps.
Pls subscribe if not, keep learning