Install HashiCorp Vault on EC2

Abhishek Verma
1 min read · Apr 16, 2023

Vault can be installed and configured on an EC2 instance, either with or without TLS.

TL;DR: Use the following script as user data when creating the EC2 instance, or run it on the EC2 server. Then visit “http://<ec2-ip>:8200” to initialize Vault.

Vault configuration without TLS

At the time of writing, the above script downloads the latest Vault binary, unzips it, and moves it to bin. It also enables Vault as a service, so that it is started again after a server reboot.

Once the above script has run, you can access the uninitialized HashiCorp Vault at http://<ec2-ip>:8200/.

  • Make sure you use HTTP, since Vault was configured with TLS disabled.
  • Make sure port 80 is open to the intended IP CIDR in the EC2 Security Group.
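The steps described above (download, unzip, move to bin, enable as a service), written out as an added example that is not the author's script, with a release checksum check and a switch between the TLS-disabled listener and a TLS one. Assumptions: the install paths, the `vault` system user, file storage, and the `VAULT_VERSION`, `VAULT_TLS` and `TLS_DIR` variables.

```shell
#!/bin/sh
# Added example, not the author's script. Paths, the "vault" user and file storage are assumptions.
# Run as root: VAULT_VERSION=<release> sh install-vault.sh install   (VAULT_TLS=on for the TLS listener)
set -eu
TLS_DIR=/etc/vault.d/tls   # assumed location of vault.crt and vault.key when VAULT_TLS=on

render_config() {   # $1 = on: TLS listener; anything else: the post's TLS-disabled listener
  printf 'ui = true\nstorage "file" {\n  path = "/opt/vault/data"\n}\n'
  printf 'listener "tcp" {\n  address = "0.0.0.0:8200"\n'
  if [ "$1" = on ]; then
    printf '  tls_cert_file = "%s/vault.crt"\n  tls_key_file  = "%s/vault.key"\n}\n' "$TLS_DIR" "$TLS_DIR"
  else
    printf '  tls_disable = 1\n}\n'
  fi
}
render_unit() {
  cat <<'EOF'
[Unit]
Description=HashiCorp Vault
After=network-online.target
Wants=network-online.target
[Service]
User=vault
Group=vault
ExecStart=/usr/local/bin/vault server -config=/etc/vault.d/vault.hcl
Restart=on-failure
AmbientCapabilities=CAP_IPC_LOCK
[Install]
WantedBy=multi-user.target
EOF
}
install_vault() {
  base="https://releases.hashicorp.com/vault/${VAULT_VERSION:?set VAULT_VERSION}"
  zip="vault_${VAULT_VERSION}_linux_amd64.zip"
  cd "$(mktemp -d)"
  curl -fsSLO "${base}/${zip}"
  curl -fsSLO "${base}/vault_${VAULT_VERSION}_SHA256SUMS"
  grep " ${zip}\$" "vault_${VAULT_VERSION}_SHA256SUMS" | sha256sum -c -   # stop on a mismatch
  unzip -o "$zip" vault
  install -m 0755 vault /usr/local/bin/vault
  id vault >/dev/null 2>&1 || useradd --system --user-group --shell /sbin/nologin vault
  install -d -o vault -g vault -m 0750 /etc/vault.d /opt/vault/data
  render_config "${VAULT_TLS:-off}" > /etc/vault.d/vault.hcl
  render_unit > /etc/systemd/system/vault.service
  systemctl daemon-reload
  systemctl enable --now vault   # starts now and again after a reboot
}
if [ "${1:-}" = install ]; then install_vault; fi
```

With `tls_disable = 1`, the unseal keys and root token returned at initialization cross the network in clear text, so the Security Group CIDR is the only control on who can see or reach the listener. The checksum file is fetched from the same server as the zip, so it catches a corrupted download; HashiCorp also publishes a signature for that file.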

🚨🚨Caution: This is NOT a production-ready Vault setup by any stretch of the imagination. Below are some production-ready options:
