Join David Swersky for an in-depth discussion in this video Vault policies overview, part of Learning HashiCorp Vault.
- [Instructor] Policies perform authorization…on an authenticated request.…Secrets are accessed in Vault using a token.…Tokens are keys that can be used…to read and write secrets to Vault secrets engines.…A root token is a special token that never expires…and can access all paths in a Vault server.…All other tokens are authorized…to read and write secrets through policies.…Policies can be automatically associated with tokens…issued to a single user or groups of users.…The way that a policy is applied to a token…depends on the authentication method used…to retrieve the token.…
Authentication methods that support policy mapping…can be configured by writing that configuration to Vault.…For example, Active Directory groups and GitHub teams…can be associated with policies.…Vault uses HashiCorp Configuration Language,…a JSON compatible format, to define policies.…They can be uploaded to a Vault server…using the CLI or the associated API.…Policies are denied by default…which means that permissions must be explicitly granted.…
- What is Vault?
- Using the dev server
- Working with Vault secrets engines
- Adding policies to Vault
- Running and using Vault
- Configuring the database secrets engine
- Implementing Vault
- Integrating Jenkins with Vault
- Using the Vault API
Skill Level Beginner
1. Introduction to Vault
2. Getting Started with Vault
3. Running and Using Vault
4. Implementing Vault
5. Using the Vault API
Next steps with Vault1m 23s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.