diff --git a/README.md b/README.md
index f17fbc51..90763c80 100644
--- a/README.md
+++ b/README.md
@@ -1507,6 +1507,46 @@ This feature enabled operators to delegate the unsealing process to AZURE Key Va
 - The key hosted in the Vault in Azure Key Vault
 - Default value: vault_key
 
+## Vault Transit Auto-unseal
+
+This feature enables operators to delegate the unsealing process to another Vault cluster to ease operations in the event of partial failure and to aid in the creation of new or ephemeral clusters.
+
+### `vault_transit`
+
+- Set to True to enable Vault Transit Auto-Unseal.
+- Default value: false
+
+### `vault_backend_transit`
+
+- Backend seal template filename
+- Default value: `vault_seal_transit.j2`
+
+### `vault_transit_address`
+
+- URL to Vault cluster hosting the key
+- Default value: VAULT_ADDR
+
+### `vault_transit_token`
+
+- Token to access the key
+- Default value: VAULT_TOKEN
+
+### `vault_transit_disable_renewal`
+
+- Disables the automatic renewal of the token
+- Default value: VAULT_TRANSIT_SEAL_DISABLE_RENEWAL or false
+
+### `vault_transit_key_name`
+
+- The transit key to use for encryption and decryption
+- Default value: VAULT_TRANSIT_SEAL_KEY_NAME or `autounseal`
+
+### `vault_transit_mount_path`
+
+- The mount path to the transit secret engine.
+- Default value: VAULT_TRANSIT_SEAL_MOUNT_PATH or `transit/`
+
+
 ## License
 
 BSD-2-Clause
diff --git a/defaults/main.yml b/defaults/main.yml
index 005176ea..523c4ebf 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -344,6 +344,15 @@ vault_gkms_region: 'global'
 vault_gkms_key_ring: 'vault'
 vault_gkms_crypto_key: 'vault_key'
 
+# transit seal
+vault_transit: false
+vault_backend_transit: vault_seal_transit.j2
+vault_transit_address: "{{ lookup('env','VAULT_ADDR') | default('', true) }}"
+vault_transit_token: "{{ lookup('env','VAULT_TOKEN') | default('', true) }}"
+vault_transit_disable_renewal: "{{ lookup('env','VAULT_TRANSIT_SEAL_DISABLE_RENEWAL') | default('false', true) }}"
+vault_transit_key_name: "{{ lookup('env','VAULT_TRANSIT_SEAL_KEY_NAME') | default('autounseal', true) }}"
+vault_transit_mount_path: "{{ lookup('env','VAULT_TRANSIT_SEAL_MOUNT_PATH') | default('transit/', true) }}"
+
 # pkcs11 seal
 vault_enterprise_premium_hsm: false
 # WARNING: the following variable is deprecated as this section will become
diff --git a/templates/vault_main_configuration.hcl.j2 b/templates/vault_main_configuration.hcl.j2
index 5965d88e..a5c0ad6b 100644
--- a/templates/vault_main_configuration.hcl.j2
+++ b/templates/vault_main_configuration.hcl.j2
@@ -100,15 +100,19 @@ ui = {{ vault_ui | bool | lower }}
 
 {% if vault_entropy_seal | bool -%}
  {% include 'vault_entropy_seal.j2' with context %}
-{% endif %}
+{% endif -%}
 
 {% if vault_enterprise_premium_hsm | bool -%}
  {% include vault_backend_seal with context %}
-{% endif %}
+{% endif -%}
 
 {% if vault_gkms | bool -%}
  {% include vault_backend_gkms with context %}
-{% endif %}
+{% endif -%}
+
+{% if vault_transit | bool -%}
+ {% include vault_backend_transit with context %}
+{% endif -%}
 
 {% if vault_telemetry_enabled | bool -%}
 telemetry {
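Review bot: `vault_transit_token` defaults to the controller's `VAULT_TOKEN`, which is usually the operator's own broadly privileged token, and whatever it holds ends up rendered into the seal stanza of a configuration file that persists on the target host. The default should be documented as a placeholder for a dedicated, narrowly scoped token, e.g. `# Supply a token limited to the transit key used for unsealing; the operator's VAULT_TOKEN is not a suitable value for a config file written to disk`, and the task that templates the configuration should set `no_log` so the value does not reach play output. `vault_transit_disable_renewal` also defaults to the string `'false'` rather than a boolean, so the seal template (not in this diff as far as I can see) must filter it through `| bool` before rendering. Finally, `vault_transit_address` and `vault_transit_token` fall back to `''`, so enabling `vault_transit` without the environment set renders an empty address and token; an assert in the role that both are non-empty when `vault_transit` is true would catch that at deploy time rather than at service start.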
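Review bot: The new `vault_transit` block has no guard against rendering together with the `vault_gkms` or `vault_enterprise_premium_hsm` includes when more than one of those flags is true, and as far as I know Vault rejects a configuration with more than one enabled seal stanza, so the mistake would only surface when the service fails to start. An assert task in the role (outside this hunk) that at most one seal flag is set would surface it at deploy time; at minimum a comment above the first seal include, `{# only one seal stanza may be enabled: vault_entropy_seal aside, vault_enterprise_premium_hsm, vault_gkms and vault_transit are mutually exclusive #}`, should state the constraint. The `{% endif -%}` changes to the existing blocks are whitespace-only and keep the four blocks consistent. The enclosing template continues outside the hunk on both sides.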