
HCP Vault Endpoints

HCP Vault has both a private endpoint (peered to the UofM network via AWS) and a public endpoint. Use the following diagram to determine which endpoint you should use:

flowchart TD
    A[<b>UMN RFC1918 IP Space</b><br> 10.0.0.0/8<br> 172.16.0.0/12<br> 192.168.0.0/16] --> | AWS Tunnel | C(Vault Private Endpoint<br> <a href="https://hcp-vault-private-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200">https://hcp-vault-private-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200</a>);
    B[<b>UMN Owned Public IP Space</b><br> 128.101.0.0/16<br> 131.212.0.0/16<br> 134.84.0.0/16<br> 146.57.0.0/16<br> 160.94.0.0/16<br>] --> |HCP Firewall - Allowed by default| D(Vault Public Endpoint<br> <a href="https://hcp-vault-public-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200">https://hcp-vault-public-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200</a>);
    E[<b>Public IP Space</b>] --> |HCP Firewall - Denied by default| D
    C-->F[UMN HCP Vault];
    D-->F;
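
The decision in the diagram, written as an added example (not part of the original page or UMN's own tooling): given the IPv4 address a client connects from, it returns the endpoint to use and whether the HCP firewall admits that address by default. The function and constant names are hypothetical; the CIDR ranges and URLs are copied from the diagram, and the private-range branch assumes the host is on the UMN network.

```python
import ipaddress
import sys

# Endpoint URLs and CIDR ranges copied from the diagram above.
PRIVATE_ENDPOINT = "https://hcp-vault-private-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200"
PUBLIC_ENDPOINT = "https://hcp-vault-public-vault-fc507e0d.5d5b1f21.z1.hashicorp.cloud:8200"

UMN_RFC1918 = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
UMN_PUBLIC = [ipaddress.ip_network(n) for n in (
    "128.101.0.0/16", "131.212.0.0/16", "134.84.0.0/16",
    "146.57.0.0/16", "160.94.0.0/16")]


def select_endpoint(source_ip):
    """Return (endpoint_url, allowed_by_default) for a client source address.

    Assumption: an RFC1918 address means the host sits on the UMN network,
    where the AWS tunnel to the private endpoint exists. A private address
    on some other network does not have that path.
    """
    addr = ipaddress.ip_address(source_ip)
    if addr.version != 4:
        raise ValueError("the diagram lists IPv4 ranges only")
    if any(addr in net for net in UMN_RFC1918):
        return PRIVATE_ENDPOINT, True   # reached over the AWS tunnel
    if any(addr in net for net in UMN_PUBLIC):
        return PUBLIC_ENDPOINT, True    # HCP firewall: allowed by default
    return PUBLIC_ENDPOINT, False       # HCP firewall: denied by default


if __name__ == "__main__":
    # Usage: python select_endpoint.py <source-ip>
    url, allowed = select_endpoint(sys.argv[1])
    if not allowed:
        print("# source address is denied by the HCP firewall by default",
              file=sys.stderr)
    # VAULT_ADDR is the environment variable the Vault CLI reads.
    print(f"export VAULT_ADDR={url}")
```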