luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Add a note that multi-cluster ENT setups can avoid this risk (#19024) 

* wip

* all-seals

* typo

* add note about unreplicated items

* italics

* word-smithing
This commit is contained in:
Scott Miller 2023-02-06 19:25:14 -06:00 committed by GitHub
parent d0bf019be5
commit 78aaa3ca92
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
website/content/docs/concepts/seal.mdx
View File

@ -128,6 +128,10 @@ To mitigate this risk, we recommend careful controls around management of the se
mechanism, for example using mechanism, for example using
[AWS Service Control Policies](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html) [AWS Service Control Policies](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html)
or similar. or similar.
With Vault Enterprise secondary clusters (disaster or performance) can have a
seal configured independently of the primary, and when properly configured guards
against *some* of this risk. Unreplicated items such as local mounts could still
be lost.
## Recovery Key ## Recovery Key