From the course: Learning HashiCorp Vault
Vault policies overview - Vault Tutorial
Vault policies overview
- [Instructor] Policies perform authorization on an authenticated request. Secrets are accessed in Vault using a token. Tokens are keys that can be used to read and write secrets to Vault secrets engines. A root token is a special token that never expires and can access all paths in a Vault server. All other tokens are authorized to read and write secrets through policies. Policies can be automatically associated with tokens issued to a single user or groups of users. The way that a policy is applied to a token depends on the authentication method used to retrieve the token. Authentication methods that support policy mapping can be configured by writing that configuration to Vault. For example, Active Directory groups and GitHub teams can be associated with policies. Vault uses HashiCorp Configuration Language, a JSON-compatible format, to define policies. They can be uploaded to a Vault server using the CLI or the associated API. Policies are denied by default, which means that…
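As an added illustration (not part of the course material), here is a least-privilege policy in HCL with the CLI steps for uploading it and mapping it to a GitHub team shown as comments. The policy name `app-readonly`, the team name `platform`, and the KV version 2 mount at `secret/` are assumptions made for the example.

```hcl
# Constructed example policy, saved as app-readonly.hcl (hypothetical name).
# Assumes a KV version 2 secrets engine mounted at "secret/".

# Read the application's secrets. KV v2 serves secret data under data/.
path "secret/data/app/*" {
  capabilities = ["read"]
}

# List secret names. KV v2 serves listings under metadata/.
path "secret/metadata/app/*" {
  capabilities = ["list"]
}

# An explicit deny overrides any capability granted on this path,
# whether by this policy or by another policy attached to the same token.
path "secret/data/app/admin/*" {
  capabilities = ["deny"]
}

# No other path appears here, so a token holding only this policy (plus
# the built-in default policy) is refused everywhere else, for example
# on secret/data/payroll/*. Access exists only where a path block grants it.

# Upload the policy with the CLI:
#   vault policy write app-readonly app-readonly.hcl
#
# Associate it with a GitHub team (GitHub auth method enabled at auth/github):
#   vault write auth/github/map/teams/platform value=app-readonly
#
# Confirm what the current token may do on a given path:
#   vault token capabilities secret/data/app/db
```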