spring security hashicorp-vault spring-vault

How to distribute / Where to store keys that applications need to access HashiCorp Vault


We want to use HashiCorp Vault to save the passwords used by our applications.

What is not clear to me is how to distribute / where to store the keys our applications need to access the vault in a secure way.

I think this issue is not addressed by the vault documentation. At least, I couldn't find it. But clearly, it should be a problem every vault user has to handle.

Can someone give me a hint or provide an external tutorial, please?

Thx in advance!


Solution

  • What you need to figure out is what Authentication method is available to you.

    https://www.vaultproject.io/docs/auth/index.html

    For example, if you are running your app in AWS, you could be using IAM to authenticate. In this case, you don't need to provide anything to your application as it's handled behind the scenes by Vault and AWS.

    Another way would be token authentication, where you'd need to provide your application a valid Vault token so that it can be used to get credentials.

    This has more information about auth.
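
The two options in the answer above, sketched as a Spring Vault configuration. This is an added example, not code from the original answer or from the Spring Vault project. It assumes Spring Vault 3.x with AWS SDK v2 on the classpath; the host name, the role name `my-app-role` and the use of a `VAULT_TOKEN` environment variable are placeholders chosen for illustration.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.vault.authentication.AwsIamAuthentication;
import org.springframework.vault.authentication.AwsIamAuthenticationOptions;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.config.AbstractVaultConfiguration;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;

@Configuration
public class VaultConfig extends AbstractVaultConfiguration {

    @Override
    public VaultEndpoint vaultEndpoint() {
        // Placeholder address (assumption); VaultEndpoint.create defaults to https.
        return VaultEndpoint.create("vault.example.internal", 8200);
    }

    @Override
    public ClientAuthentication clientAuthentication() {
        // Token authentication: the token is handed to the process at deploy
        // time (here via an environment variable) and is never stored in
        // source control or in the packaged application.
        String token = System.getenv("VAULT_TOKEN");
        if (token != null && !token.isBlank()) {
            return new TokenAuthentication(token);
        }

        // AWS IAM authentication: no Vault secret is distributed at all.
        // The AWS SDK resolves the instance/task role credentials, Spring
        // Vault signs a login request with them, and Vault verifies the
        // caller's identity with AWS before issuing a token.
        AwsIamAuthenticationOptions options = AwsIamAuthenticationOptions.builder()
                .role("my-app-role") // hypothetical Vault role bound to the IAM role
                .credentialsProvider(DefaultCredentialsProvider.create())
                .build();
        return new AwsIamAuthentication(options, restOperations());
    }
}
```

With the IAM path the only thing the application carries is the name of a Vault role; which secrets that role can read is decided by the policy attached to it on the Vault side.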