diff --git a/.travis.yml b/.travis.yml index 28381b3..a5d665a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,16 +7,42 @@ stages: sudo: required cache: bundler language: ruby +dist: xenial services: - docker +# Make sure the instances listed below match up with +# the `platforms` defined in `kitchen.yml` env: - - PLATFORM=ubuntu - - PLATFORM=centos - - PLATFORM=amazon + matrix: + - INSTANCE: debian-9-develop-py3 + # - INSTANCE: ubuntu-1804-develop-py3 + # - INSTANCE: centos-7-develop-py3 + # - INSTANCE: fedora-30-develop-py3 + # - INSTANCE: opensuse-leap-15-develop-py3 + # - INSTANCE: debian-9-2019-2-py3 + - INSTANCE: ubuntu-1804-2019-2-py3 + - INSTANCE: centos-7-2019-2-py3 + # - INSTANCE: fedora-30-2019-2-py3 + # - INSTANCE: opensuse-leap-15-2019-2-py3 + # - INSTANCE: debian-9-2018-3-py2 + # - INSTANCE: ubuntu-1604-2018-3-py2 + # - INSTANCE: centos-7-2018-3-py2 + - INSTANCE: fedora-29-2018-3-py2 + # TODO: Use this when fixed instead of `opensuse-leap-42` + # Ref: https://github.com/netmanagers/salt-image-builder/issues/2 + # - INSTANCE: opensuse-leap-15-2018-3-py2 + - INSTANCE: opensuse-leap-42-2018-3-py2 + - INSTANCE: debian-8-2017-7-py2 + # - INSTANCE: ubuntu-1604-2017-7-py2 + # TODO: Enable after improving the formula to work with other than `systemd` + # - INSTANCE: centos-6-2017-7-py2 + # - INSTANCE: fedora-29-2017-7-py2 + # - INSTANCE: opensuse-leap-15-2017-7-py2 -script: bundle exec kitchen test ${PLATFORM} +script: + - bundle exec kitchen test ${INSTANCE} jobs: include: diff --git a/FORMULA b/FORMULA index ff8ec48..f0eeeb2 100644 --- a/FORMULA +++ b/FORMULA @@ -1,9 +1,9 @@ name: vault -os: Debian, Ubuntu, RedHat, Fedora, CentOS, Amazon -os_family: Debian, RedHat +os: Debian, Ubuntu, RedHat, Fedora, CentOS, Amazon, SUSE +os_family: Debian, RedHat, Suse version: 1.0.6 release: 1 -minimum_version: 2018.3 +minimum_version: 2017.7 summary: Vault formula description: Formula to install and configure Hashicorp Vault top_level_dir: vault 
diff --git a/kitchen.yml b/kitchen.yml index aa52c30..75e9ae7 100644 --- a/kitchen.yml +++ b/kitchen.yml 
@@ -1,40 +1,136 @@ +# -*- coding: utf-8 -*- +# vim: ft=yaml --- +# For help on this file's format, see https://kitchen.ci/ driver: name: docker use_sudo: false privileged: true - run_command: /sbin/init - provision_command: - - curl -L https://bootstrap.saltstack.com | sh -s -- -X # install Salt and dependencies here to make use of Docker build cache, speeding up tests massively + run_command: /lib/systemd/systemd -verifier: - name: inspec +# Make sure the platforms listed below match up with +# the `env.matrix` instances defined in `.travis.yml` +platforms: + - name: amazonlinux + driver: + image: amazonlinux:1 + platform: rhel + run_command: /sbin/init + provision_command: + - curl -L https://bootstrap.saltstack.com | sh -s -- -X # install latest stable Salt + + ## SALT `develop` + - name: debian-9-develop-py3 + driver: + image: netmanagers/salt-develop-py3:debian-9 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: ubuntu-1804-develop-py3 + driver: + image: netmanagers/salt-develop-py3:ubuntu-18.04 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: centos-7-develop-py3 + driver: + image: netmanagers/salt-develop-py3:centos-7 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: fedora-30-develop-py3 + driver: + image: netmanagers/salt-develop-py3:fedora-30 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + - name: opensuse-leap-15-develop-py3 + driver: + image: netmanagers/salt-develop-py3:opensuse-leap-15 + provision_command: + - curl -o bootstrap-salt.sh -L https://bootstrap.saltstack.com + - sh bootstrap-salt.sh -XdPbfrq -x python3 git develop + run_command: 
/usr/lib/systemd/systemd + + ## SALT 2019.2 + - name: debian-9-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:debian-9 + - name: ubuntu-1804-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:ubuntu-18.04 + - name: centos-7-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:centos-7 + - name: fedora-30-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:fedora-30 + - name: opensuse-leap-15-2019-2-py3 + driver: + image: netmanagers/salt-2019.2-py3:opensuse-leap-15 + run_command: /usr/lib/systemd/systemd + + ## SALT 2018.3 + - name: debian-9-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:debian-9 + - name: ubuntu-1604-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:ubuntu-16.04 + - name: centos-7-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:centos-7 + - name: fedora-29-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:fedora-29 + # TODO: Use this when fixed instead of `opensuse-leap-42` + # Ref: https://github.com/netmanagers/salt-image-builder/issues/2 + # - name: opensuse-leap-15-2018-3-py2 + # driver: + # image: netmanagers/salt-2018.3-py2:opensuse-leap-15 + # run_command: /usr/lib/systemd/systemd + - name: opensuse-leap-42-2018-3-py2 + driver: + image: netmanagers/salt-2018.3-py2:opensuse-leap-42 + run_command: /usr/lib/systemd/systemd + + ## SALT 2017.7 + - name: debian-8-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:debian-8 + - name: ubuntu-1604-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:ubuntu-16.04 + # TODO: Modify the formula to work for non-`systemd` platforms + - name: centos-6-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:centos-6 + run_command: /sbin/init + - name: fedora-29-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:fedora-29 + - name: opensuse-leap-15-2017-7-py2 + driver: + image: netmanagers/salt-2017.7-py2:opensuse-leap-15 + run_command: /usr/lib/systemd/systemd provisioner: name: salt_solo - salt_version: latest log_level: 
info + salt_install: none require_chef: false formula: vault + salt_copy_filter: + - .kitchen + - .git -platforms: - - name: ubuntu-16.04 - driver: - name: docker - provision_command: - - apt-get install -y locales net-tools && locale-gen en_US.UTF-8 - - curl -L https://bootstrap.saltstack.com | sh -s -- -X - - name: centos-7 - driver: - name: docker - provision_command: - - yum -y install net-tools # needed by inspec - - curl -L https://bootstrap.saltstack.com | sh -s -- -X - - name: amazonlinux - driver: - name: docker - image: amazonlinux:1 - platform: rhel +verifier: + # https://www.inspec.io/ + name: inspec + sudo: true + # cli, documentation, html, progress, json, json-min, json-rspec, junit + reporter: + - cli suites: - name: install_binary diff --git a/test/integration/prod_server/vault_spec.rb b/test/integration/prod_server/vault_spec.rb index 15a4d5a..1eb2989 100644 --- a/test/integration/prod_server/vault_spec.rb +++ b/test/integration/prod_server/vault_spec.rb @@ -10,8 +10,16 @@ its(:stdout) { should match(/\/vault = cap_ipc_lock\+ep$/) } end +describe user('vault') do + it { should exist } + its('group') { should eq 'vault' } +end + describe file('/etc/vault/conf.d/config.json') do it { should be_a_file } + its('owner') { should eq 'root' } + its('group') { should eq 'vault' } + its('mode') { should cmp '0640' } end describe.one do diff --git a/vault/defaults.yaml b/vault/defaults.yaml index 3357b68..504ff7f 100644 --- a/vault/defaults.yaml +++ b/vault/defaults.yaml @@ -3,6 +3,9 @@ vault: version: 1.1.0 + platform: linux_amd64 + gpg_pkg: gnupg2 + setcap_pkg: libcap dev_mode: False verify_download: True self_signed_cert: diff --git a/vault/osfamilymap.yaml b/vault/osfamilymap.yaml index d15d7f4..f79a276 100644 --- a/vault/osfamilymap.yaml +++ b/vault/osfamilymap.yaml 
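Review bot: In kitchen.yml the new platform entries pull `netmanagers/salt-*` images by mutable tag while the driver keeps `privileged: true`, so whatever is next published under those tags runs with elevated privileges on the CI host without any change in this repository. Pinning each image by digest, e.g. `image: netmanagers/salt-2019.2-py3:debian-9@sha256:<DIGEST_PLACEHOLDER>`, would make the test inputs reproducible and reviewable. The `amazonlinux` and `develop` entries also download `https://bootstrap.saltstack.com` and execute it unverified. The develop entries already save it to `bootstrap-salt.sh`, so a step such as `echo "<SHA256_PLACEHOLDER>  bootstrap-salt.sh" | sha256sum -c -` could sit between the two commands. A one-line comment above `privileged: true` saying why it is needed (presumably to run systemd inside the container) would also help the next reader.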
@@ -1,13 +1,12 @@ # -*- coding: utf-8 -*- # vim: ft=sls syntax=yaml softtabstop=2 tabstop=2 shiftwidth=2 expandtab autoindent -RedHat: - platform: linux_amd64 - gpg_pkg: gnupg2 - Debian: - gpg_pkg: gnupg2 - platform: linux_amd64 + setcap_pkg: libcap2-bin + +Suse: + gpg_pkg: gpg2 + setcap_pkg: libcap-progs MacOS: platform: darwin_amd64 diff --git a/vault/package/install.sls b/vault/package/install.sls index 038e479..8fd3ea3 100644 --- a/vault/package/install.sls +++ b/vault/package/install.sls @@ -12,8 +12,10 @@ vault-package-install-user-present: user.present: - name: vault - system: True - - gid_from_name: True + - gid: vault - home: /var/lib/vault + - require: + - group: vault-package-install-group-present vault-package-install-file-directory: file.directory: @@ -51,8 +53,14 @@ vault-package-install-file-symlink: - target: /opt/vault/bin/vault - force: true +vault-package-install-pkg-installed: + pkg.installed: + - name: {{ vault.setcap_pkg }} + vault-package-install-cmd-run: cmd.run: - name: setcap cap_ipc_lock=+ep /opt/vault/bin/vault + - require: + - pkg: vault-package-install-pkg-installed - onchanges: - archive: vault-package-install-archive-extracted
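Review bot: In vault/package/install.sls the `vault-package-install-user-present` state now sets the group and home but no `shell`, so the `vault` service account gets the platform's default login shell. Adding `- shell: /bin/false` (or a per-OS nologin path taken from the map files) would keep the account non-interactive. The new `describe user('vault')` block in vault_spec.rb could then assert it with an `its('shell')` check. The earlier part of the file is outside this hunk, so confirm no shell is set elsewhere before adding it.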
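Review bot: In vault/package/install.sls, `vault-package-install-cmd-run` still fires only on `onchanges` of the archive, which interacts badly with the new `require`. If installing `{{ vault.setcap_pkg }}` fails on the first run, the binary is left extracted without `cap_ipc_lock`, and later runs will likely not retry because the archive no longer changes. Replacing the one-shot trigger with an idempotence guard such as `- unless: getcap /opt/vault/bin/vault | grep -q cap_ipc_lock` would re-apply the capability whenever it is missing, including after an upgrade replaces the binary. Separately, the new `pkg.installed` state looks unconditional here, while osfamilymap.yaml keeps a `MacOS` entry and defaults.yaml now gives every OS `setcap_pkg: libcap`. The rest of the file is outside the hunk, so confirm whether a grain guard is needed for platforms without `setcap`.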