upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-05-28 04:10:44 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

website: Add more hardening tips

Browse source
This commit is contained in:
Armon Dadgar 2017-06-26 14:00:36 -07:00
parent 997da9ae39
commit be219f10e6
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
website/source/docs/guides/production.html.md
View file

@ -38,3 +38,5 @@ It is entirely possible to use Vault without applying any of the following recom
* **Configure SELinux / AppArmor**. Using additional mechanisms like SELinux and AppArmor can help provide additional layers of security when using Vault. While Vault can run on many operating systems, we recommend Linux due to the various security primitives mentioned here.
* **Restrict Storage Access**. Vault encrypts all data at rest, regardless of which storage backend is used. Although the data is encrypted, an attacker with arbitrary control can cause data corruption or loss by modifying or deleting keys. Access to the storage backend should be restricted to only Vault to avoid unauthorized access or operations.