From 6068d914475b977d805dbec7a2f899eb2e2d2a61 Mon Sep 17 00:00:00 2001
From: William P <me@williamtpeebles.com>
Date: Sat, 8 Mar 2025 14:42:48 -0500
Subject: [PATCH] add AWS key unseal support

---
 black-start/services/vault/config/config.hcl | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/black-start/services/vault/config/config.hcl b/black-start/services/vault/config/config.hcl
index cd0310d..bda3d8f 100644
--- a/black-start/services/vault/config/config.hcl
+++ b/black-start/services/vault/config/config.hcl
@@ -13,5 +13,11 @@ listener "tcp" {
   tls_key_file  = "/certs/server.key"
 }
 
+seal "awskms" {
+  region = "us-east-1"
+  access_key = "AKIAS7LPFCPFUF4QKHPA"
+  kms_key_id = "ea99bc16-6e46-482c-9ee0-62db515c490c"
+}
+
 api_addr = "https://api.weyma-vault.infra.dubyatp.xyz:8200"
 cluster_addr = "https://weyma-vault.infra.dubyatp.xyz:8200"
\ No newline at end of file