mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-05-05 20:36:26 +02:00
Code Issues Projects Releases Wiki Activity

Add note about flag -target=recovery for auto-unseal mode (#9163)

Browse Source
This commit is contained in:
Tomas Bäckman 2020-06-08 15:26:49 +02:00 committed by GitHub
parent 4e6c3f2369
commit cc222872bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
website/pages/guides/operations/rekeying-and-rotating.mdx
View File

@ -67,6 +67,8 @@ Rekeying the Vault requires a quorum of unseal keys. Before continuing, you
should ensure enough unseal key holders are available to assist with the
rekeying to match the threshold configured when the keys were issued.
Please also observe that if Vault is configured with *auto_unseal* (and the keys thus are the *recovery_keys*), an extra flag `-target=recovery` has to be provided for each of the commands below. Otherwise the *key-shares* will default to **1** no matter what value you set.
First, initialize a rekeying operation. The flags represent the **newly
desired** number of keys and threshold: