This deployment creates AWS Target Groups.
When you set vault_type to opensource, you will get one target group for port :8200/tcp. The API and UI can be accessed on this port.
The expected state depends on the configuration of this module.
When vault_enable_telemetry is set to false or vault_enable_telemetry_unauthenticated_metrics_access is set to true:
- 3 healthy instance.
- no unhealthy instances.
- Auto scaling group uses the ELB health check.
Basically all nodes receives all the API and UI traffic and the standby nodes forward traffic to the leader.
When vault_enable_telemetry is set to true and vault_enable_telemetry_unauthenticated_metrics_access is set to false:
- 1 healthy instance.
- 2 unhealthy instances.
- Auto scaling group uses the EC2 health check.
When you set vault_type to enterprise, you will get two target groups:
- Port
:8200/tcp- The API and UI can be accessed on this port. - Port
:8201/tcp- Vault replication (cluster to cluster, for DR and PR) can be used.
- 1 healthy instances.
- 2 unhealthy instances.
Basically any node can be used to setup replication. The load balancer will pick one node.