Vault Architecture

HashiCorp Vault provides a simple and effective way to manage security in cloud infrastructure. The HashiCorp Vault service secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing.

This lesson will enable you to recognize, explain, and implement the services and functions provided by the HashiCorp Vault service.

Agenda

In this lesson we learn to recognize and implement the core HashiCorp Vault services in cloud infrastructure. The topics we cover are as follows: 

• Vault architecture and its core components
• Vault policies and how they are used to grant or forbid access to operations in Vault
• Secrets and secret management as performed within Vault
• Vault cubbyholes and how they can be utilized
• Vault dynamic secrets
• Vault authentication and Vault identities

Intended Audience

This lesson will appeal to anyone looking to extend their knowledge of cloud security best practices, and to learn more about the tools and services available to help manage cloud security. If you are performing any of the roles below, we recommend completing this lesson. 

• Architects and Developers
• System Administrators
• Security specialists
• DevOps specialists
• And anyone else interested in managing and maintaining secrets 

Learning Objectives

At the end of this lesson you will be able to explain and implement the HashiCorp Vault service, and you will also be able to implement the Vault CLI and API to execute tasks related to Vault administration. By completing this lesson, you will:

• Understand the core principles of Vault, including how Vault can be used to manage and maintain secrets
• Understand the key benefits of using Vault, including how to deploy and configure it within your own environments
• Be able to evaluate and select HashiCorp Vault services
• Know how to implement the Vault CLI and API to execute tasks related to administration and configuration

Prerequisites

We recommend completing the Cloud Academy DevOps Fundamentals Course so you have a basic understanding of system administration and configuration tasks.