วีดีโอ

real question is how to enable oidc connection with it so you can login without email and password and just by clicking a button... there's no info on it at all

Thank you, this video was helpful, for me I'm using Cloudflare for domains so I had to copy the NS records from the Route 53 > Hosted Zones and add them to Cloudflare under DNS for the domain, and changed the SSL/TLS settings from Full to Flexible (not sure why it was not working for Full) and one more thing the bucket name has to be the same as the domain name amazon doc search for ( I can't route traffic to an Amazon S3 bucket that's configured for website hosting) good luck

Thanks bro🤟🤟🤟🤟

Thanks Can you suggest if we lost the master keys but we have unsealed our vault then any way to regenerate master keys without data distruption and also suggest you performed to generate in empty vault so if we generate where we might have a lot of data then any issue?

Great video. Helps a lot when you are starting from scratch.

Thank you for the video, saved me a bunch of time!

I’m not able to create a CNAME. It’s gives me an error about dns apex. Any help is appreciated!

nice video. 3 questions 1) what IP to use if i want to use my main domain not the sub domain 2) what if you click other links and pages, will it still show the domain name ? 3) s3 bucket name, does it has to be the exact domain name ? i have an existing bucket, do i need to create a new with exact name ?

Thanks for the video very good video, can you suggest on below Can we use the same scenario for production applications which required RDS database if yes then after or before expiring the credential whether application will retrieve new credentials to keep a continue connectivity with database without any downtime ?

Awsome content! help me a lot. Thank you~

whats the cost for hosting from Amazon?

Thank you Bryan. You helped me a lot with this video.

I get this error while trying to access my hosted site "Forbidden You don't have permission to access this resource. Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request." Please do you know what causes it and how it can be fixed?

good tutorial until 7:30 - bro immediately assumed we had a hosted zone. Havenet even touched R53 since this is for other people that know how to do this

How to verify AWS Account. It is preventing me from creating a cloud front

Dude your god

Here is the bucket policy so you don't have to manually type it in { "Version": "2012-10-17", "Statement": [ { "Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::Bucket-Name/*" ] } ] }

Wow, spread based scheduling. I didn't know it was possible

Great tutorial! What happened when kms key expired? Do you have to update vault config periodically?

Great video, thanks!

Hi! How do I make the setting properly if I want to access only through cloudfront , I don't want the site to be accessible through http link in s3 bucket?

It was working in http https not working I am using external dns help me please

Good tut. Is this setup possible if AWS Route 53 is not the one managing the domain i.e. NameServer? Thanks

The CName set up you do at 08:00 wont work with a root domain

A very detailed video, thanks a lot!

followed the exact steps before the tls, but it's showing DNS address could not be found for my subdomain...

That was well explained, Thanks a lot

wow, after 5hrs of trying to setup all of these, you helped me out in the end. Tysm!

I have Launched the website but it shows Dangerous site please explain the Problem

creating hosted zones is chargeable even in aws free tier.

This was incredible. I don't know how many hours, even even days, this saved me. Thank you!

Thank you for this video! Clear and concise.

I can't believe you've only gotten 11 likes. This is the only good documentation on how two do this that I've found out in the world. 1,000 thank yous.

if you have a raft cluster, you need to do this "unseal -migrate" on followers, but do a "vault operator step-down" on the leader.

We normally use a parent token to issue this creds under and authenticated backend. My lease period for that parent token is lower than the one that I was using for the actual creds store. The problem that I'm facing as you can imagine is that this token get revoked before the actual lease period expired and I'm using the lease period of the child token to renew the db creds. What do you suggest to address this so common use case? It will be k8s authentication (short lived token) -> database/creds/role (longer ttl)

This is really useful! thanks a lot! keep it up!

This is really useful! thanks a lot! keep it up!

Amazing... You help save a significant amount of time. :D

Thanks we are in exact situation. we just moved from onprem to EKS, we thought of using autounseal. Q: Do we have any kubernetes vault operator that does migration ?

Thanks for the explanation!

at 4:41, i have created a vault instance in aws, and also created RDS databse (postgresql ) in aws, i followed same steps but unfortunately unable to connect to the databse. Cuuld you please let me know how to enable to ports to connect vault to AWS RDS (postgresql), created the both vault and AWS RDS instances in same regions only.

It would be nice to do the rotation automatically using Vault... Only wondering which ACL I need to list, add, remove and delete keys to generate a token for consult-template but couldn't find any docs.

Lets gooo!!!!

Amazing explanation. Thanks a lot for sharing.

awesome, thank you!

Haha still one of my favourite hidden features of vault. It's great for developer experience

thank you! very helpful