
Setting up Vault AWS Secrets Engine with AWS GovCloud to Set Up Credential Rotation


⚗ Kevin Summersill 🔋
3 min read · Jun 16, 2021


Static keys are troublesome and very difficult to manage, which is why key rotation is needed. This article explains how to set up key rotation in HashiCorp Vault for AWS GovCloud. The process is very easy; however, I wrote this article because HashiCorp Vault does not offer a GovCloud selection for the region, so a small workaround is needed to get this done. You can apply the same setup to any other region if needed.

Assumptions:

  • You already have an unsealed HashiCorp Vault server and admin privileges on it.
  • You have a token for logging in to the Vault server.
  • You already have an AWS GovCloud account with administrative privileges.

Step 1: Log In and Create an AWS Secrets Engine

Log in via the Vault GUI and click “Enable new engine +”.

Screenshot: the “Enable new engine +” button.

Click the AWS icon under Cloud and click Next.
