From the course: Learning HashiCorp Vault
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Secure introduction overview - Vault Tutorial
From the course: Learning HashiCorp Vault
Secure introduction overview
- [Instructor] Vault credentials-based authentication, such as LDAP and GitHub, return tokens. The tokens are in a sense keys to Vault. This presents a challenge. The tokens themselves become secrets. Those tokens can become a vulnerability if they're stolen by interception or carelessness. How do we protect the keys that protect the secrets? We can't lock them in the Vault. That will be like protecting your house key by locking it inside your house. Sure the key is safe, but you're sleeping outside tonight. The keys used to access Vault must be protected. This is especially true for keys delivered by automation to applications and systems. HashiCorp refers to the challenge of securely delivering keys to a deployed application as secure introduction. How do we securely introduce an application to our environment without putting secrets at risk? There is no perfect totally secure way to deliver secrets to an application. However, there are ways to make it more difficult to steal or…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.