From the course: Learning HashiCorp Vault
Unlock the full course today
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
Database secrets engine overview - Vault Tutorial
From the course: Learning HashiCorp Vault
Database secrets engine overview
- [Instructor] Perhaps contrary to their name, database secrets engines don't actually store secrets in a database, though that may seem like their natural function. In fact, they act as an authentication mechanism to supported databases. Most databases support username/password authentication. The password is a secret that must be generated then protected. IT organizations use a variety of methods to protect these secrets and safely deploy them to applications as needed. Database username/password combinations are often stored in build configurations, continuous integration systems, or configuration management systems. The Vault Database Secrets Engine provides a replacement for all these methods by integrating directly with supported databases. Vault becomes an alternative authentication mechanism for the database. Database clients authenticate to Vault, then request database credentials. Vault generates the credentials as a dynamic secret. The secret doesn't exist until it's read…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
(Locked)
Running a Vault server2m 21s
-
(Locked)
Initializing and unsealing a Vault server2m 43s
-
(Locked)
Running the containers5m 18s
-
(Locked)
SSH secrets engine overview1m 38s
-
(Locked)
SSH secrets engine set up6m 44s
-
(Locked)
Database secrets engine overview2m 1s
-
(Locked)
Configuring the database secrets engine3m 23s
-
(Locked)
Policies and credentials with the database secrets engine5m 18s
-
(Locked)
-
-
-