Configure vault setup ./up.sh ./00-init.sh ./01-pg.sh ./02-vault.sh vault operator init --key-shares=1 --key-threshold=1 vault operator unseal vault status export VAULT_ADDR="http://vault.dev.XXX.XXX.XXX.XXX.sslip.io" export VAULT_TOKEN="xxxxxxxxxxxxxx" # your root token here setup vault requirements for boundary cd terraform/01-vault-setup # edit terraform.tfvars terraform init terraform apply export VAULT_TOKEN="xxxxxxxxxxxxxx" # your boundary vault token (from terraform output) goes here kubectl create secret -n labs generic vault-secret --from-literal "VAULT_TOKEN=$VAULT_TOKEN" setup boundary server ./03-boundary.sh # edit .secrets/recovery.hcl to reflect your vault addr cd terraform/02-boundary-setup # edit terraform.tfvars terraform init terraform apply Sources https://github.com/hashicorp/learn-boundary-vault-quickstart https://www.boundaryproject.io/docs/installing/no-gen-resources Vault as OIDC provider Boundary Permissions