In this video, learn how to use policies to authorize access to secrets.
- [Instructor] Let's demonstrate the process of defining…and uploading policies to Vault.…We'll then create some users…in the user pass authentication system,…and show how to manually associate those users to a policy.…When that's done we can see how the policies…affect what those tokens can do in Vault.…First start a new dev server in a terminal…with vault server -dev.…I'm going to use Visual Studio Code to demonstrate…using the integrated terminal.…Open the exercise files with Visual Studio Code.…
You can open the integrated terminal…by going to the view menu and select integrated terminal.…Here in integrated terminal let's execute vault status…to make sure that the server's running and we're good.…We'll clear that out.…First let's look at the policies we'll be uploading.…App-policy.hcl is the policy for an application…and can only read from secret/dev.…Dev/policy.hcl is the policy a developer would use…to write to secret/dev.…
One thing to note, the dev server we started uses…the KV Secrets Engine version two.…
- What is Vault?
- Using the dev server
- Working with Vault secrets engines
- Adding policies to Vault
- Running and using Vault
- Configuring the database secrets engine
- Implementing Vault
- Integrating Jenkins with Vault
- Using the Vault API
Skill Level Beginner
DevOps Foundations: Infrastructure as Codewith Ernest Mueller2h 6m Intermediate
1. Introduction to Vault
2. Getting Started with Vault
3. Running and Using Vault
4. Implementing Vault
5. Using the Vault API
Next steps with Vault1m 23s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.