Skip to main content

HashiCorp Vault Unseal Key

Description#

General#

  • Documentation: https://www.vaultproject.io/docs/concepts/seal

  • Summary: HashiCorp Vault is a solution to securely store and manage access to secrets and systems based on trusted sources of application and user identity. This detector can detect unseal keys used to get access to the vault master key.

  • IPs allowlist: This feature is not available.

  • Scopes: Unsealing a vault requires entering a minimum number of different unseal keys. This number is defined when configuring the vault.

Revoke the secret#

The process is documented in the Rekeying & Rotating Vault documentation.

Check for suspicious activity#

This feature is not available.

Details for Hashicorp vault unseal key#

  • Family: Other

  • Category: Other

  • Company: HashiCorp

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.35

  • Prefixed: False

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - unseal[_.-]?key

Examples#

- text: |    VAULT_UNSEAL_KEY_3="J2fk3Q5ANMClblQk2E6WKB4vRfGR4MdHL/0pfMSWEouI"  apikey: J2fk3Q5ANMClblQk2E6WKB4vRfGR4MdHL/0pfMSWEouI
- text: |    UNSEAL_KEY: SoR4EtGierohjeoithDabuhGeo42/45HgtrhtMSWZzOG  apikey: SoR4EtGierohjeoithDabuhGeo42/45HgtrhtMSWZzOG