open-vault/website/source/guides/operations/index.html.md

layout	page_title	sidebar_current	description
guides	Vault Operations - Guides	guides-operations	Vault architecture guide covers Vault infrastructure discussions including installation.

Vault Operations

Vault Operations guides address Vault infrastructure discussions. These guides are designed to help the operations team to plan and install a Vault cluster that meets your organization's needs.

• Vault Reference Architecture guide provides guidance in the best practices of Vault Enterprise implementations through use of a reference architecture. This example is to convey a general architecture, which is likely to be adapted to accommodate the specific needs of each implementation.

• Vault HA with Consul guide walks you through a simple Vault HA cluster implementation which is backed by HashiCorp Consul.

• Production Hardening guide provides guidance on best practices for a production hardened deployment of Vault. The recommendations are based on the security model and focus on defense in depth.

• [Enterprise Only] Replication Setup & Guidance walks you through the commands to activate the Vault servers in replication mode. Please note that Vault Replication is a Vault Enterprise feature.

• [Enterprise Only] Vault Auto-unseal using AWS Key Management Service (KMS) guide demonstrates an example of how to use Terraform to provision an instance that utilizes an encryption key from AWS Key Management Service (KMS).

• Root Token Generation guide demonstrates the workflow of regenerating root tokens. It is considered to be a best practice not to persist the initial root token. If a root token needs to be regenerated, this guide helps you walk through the task.

• Rekeying & Rotating guide provides a high-level overview of Shamir's Secret Sharing Algorithm, and how to perform rekey and rotate operations in Vault.

• Building Plugin Backends guide provides steps to build, register, and mount non-database external plugin backends.