Leanpub Header

Skip to main content
Go to Leanpub.comLeanpub

Getting Started with HashiCorp Vault

A hands-on guide on HashiCorp Vault for beginners.

Anubhav Mishra

HashiCorp Vault is a popular secret management project used by small startups to the world's largest organizations. In this book, learn core Vault concepts and application patterns using a hands-on approach.

Minimum price

$9.99

$9.99

You pay

$9.99

Author earns

$7.99
$

...Or Buy With Credits!

You can get credits monthly with a Reader Membership
PDF
EPUB
WEB
About

About

About the Book

Getting Started with HashiCorp Vault is a beginner's guide to understanding HashiCorp Vault which is a popular secret management project.

This hands-on book provides a guided approach to core Vault concepts, covering everything from fundamental features like static and dynamic secrets, authentication methods, and Vault policies. You'll also discover practical application and operational patterns to effectively leverage Vault's powerful features within your own applications.

Share this book

Categories

Cloud ComputingComputer Security

Feedback

Email the Author

Author

About the Author

Anubhav Mishra

Anubhav Mishra is the Senior Director of Product Management at HashiCorp. Previously, he worked in the Office of the CTO at HashiCorp as the Advisor to the CTO and Head of HashiCorp Labs (Product Incubation). He has a passion for emerging technology, developer advocacy, and synthesizing solutions that help people. He also worked at Hootsuite, where he created Atlantis - An Open Source project that helps teams collaborate on Infrastructure using Terraform. Anubhav loves working with distributed systems and exploring new technologies. He also loves open source software and is continuously finding ways to contribute to projects that excite him. That has led him to contribute to projects like Virtual Kubelet (a CNCF project) and dapr. He often speaks at conferences. In his free time, he DJs, makes music, and plays football. He’s a huge Manchester United supporter.

Contents

Table of Contents

Foreword

Preface

  1. Who is this book for?
  2. Versioning
  3. About the Author

Acknowledgements

  1. IPart 1 - Basics

1Introducing Vault

  1. 1.1Application security facts and figures
  2. 1.2What is Vault
  3. Vault architecture
  4. Workflow
  5. 1.3Case studies
  6. Case study one: application security
  7. Case study two: operational security
  8. 1.4What you’ll learn
  9. 1.5Summary

2Getting started with Vault

  1. 2.1Vault in practice
  2. Vault command-line interface
  3. Writing secrets into Vault
  4. Reading secrets from Vault
  5. Restricting secret access using policy
  6. Policy
  7. Vault HTTP API
  8. Accessing secrets using the Vault API
  9. Vault UI
  10. 2.2Summary

3Authenticating with Vault

  1. 3.1Basic authentication workflow with Vault
  2. 3.2Auth methods
  3. User permissions in an organization
  4. Enabling an authentication method
  5. Configuring an authentication method
  6. Testing your LDAP server settings
  7. Mapping LDAP groups to Vault policy
  8. Authenticating applications with Vault
  9. Configuring AppRole authentication method
  10. Authentication using the Vault Agent
  11. Interacting with Vault using the Vault Agent
  12. 3.3Summary

4Storing and generating secrets using Vault

  1. 4.1Secrets engine
  2. Enabling a key-value secrets engine
  3. Generic key-value secrets engine
  4. Versioned key-value secrets engine
  5. Database secrets engine
  6. Generating on-demand cloud credentials
  7. 4.2Summary

5Control access in Vault using policy

  1. 5.1Vault policy syntax
  2. Managing policies
  3. 5.2Summary
  4. IIPart 2 - Application Patterns

6Application secrets with Vault Agent

  1. 6.1Vault Agent
  2. Configuring Vault Agent
  3. Creating templates for Vault Agent
  4. Configuring Vault Agent to render templates
  5. 6.2Summary

7Using Vault with HashiCorp Nomad

  1. 7.1Using Nomad and Vault together
  2. Deploying MySQL
  3. Configuring database secrets engine
  4. Configuring Vault with Nomad cluster-related policies and roles
  5. Configuring Nomad to use Vault
  6. 7.2Running workloads on Nomad
  7. Redeploying MySQL
  8. Deploying an application
  9. Validating application
  10. Revoking generated database credentials
  11. 7.3Summary

8Using Vault with Kubernetes

  1. 8.1Using Kubernetes and Vault together
  2. Configuring key-value secrets engine
  3. Creating Vault service in Kubernetes
  4. Installing Vault Agent Injector in Kubernetes
  5. Configuring Kubernetes authentication method
  6. Configuring Vault policy and role
  7. 8.2Fetching secrets for Kubernetes workloads from Vault
  8. 8.3Summary
  9. IIIPart 3 - Operational Patterns

9Securing SSH with Vault

  1. 9.1Enabling SSH secrets engine
  2. 9.2Configuring SSH secrets engine
  3. Creating a role to use the SSH secrets engine
  4. Configuring machines to use one-time SSH passwords from Vault
  5. 9.3Summary

10Integration Vault with CI systems

  1. 10.1Authenticating CI/CD system with Vault
  2. Enabling and Configuring AppRole authentication method
  3. Store GitLab Token in Vault
  4. Create Policy for Accessing Secrets
  5. Generating Role ID and Secret ID
  6. 10.2Configuring Vault Plugin in Jenkins
  7. 10.3Fetching Secrets in Jenkins Job
  8. Create Jenkins Job
  9. Run Jenkins Job
  10. 10.4Summary

Appendix A - Vault development environment

  1. Installing Vault
  2. Starting the Vault Server

Appendix B - GLAuth LDAP server

  1. Installing GLAuth
  2. Downloading GLAuth config

Appendix C - jq Command-line JSON Processor

  1. Installing jq
  2. Try it out

Appendix d - Vagrant environment

  1. Installing Vagrant
  2. Installing Vagrant provider
  3. Validate Vagrant installation
  4. Install vbguest plugin
  5. Initialize Vagrant
  6. Start Vagrant machine
  7. Access the Vagrant machine

Appendix e - Nomad development environment

  1. Prerequisites
  2. Installing Vagrant
  3. Installing Docker in Vagrant
  4. Installing Nomad
  5. Validate Nomad installation
  6. Initialize Nomad Cluster in Dev Mode
  7. Validate the Nomad Dev Cluster
  8. Accessing Nomad UI

Appendix f - minikube environment

  1. Prerequisites
  2. Installing Docker
  3. Installing kubectl and Helm CLI
  4. Installing minikube
  5. Starting a Kubernetes cluster
  6. Validating Cluster
  7. Validating kubectl

Appendix g - Jenkins on Docker

  1. Prerequisites
  2. Installing Docker
  3. Running Jenkins container

Get the free sample chapters

Click the buttons to get the free sample in PDF or EPUB, or read the sample online here

Download Sample PDFDownload Sample EPUB

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.

You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!

So, there's no reason not to click the Add to Cart button, is there?

See full terms...

Earn $8 on a $10 Purchase, and $16 on a $20 Purchase

We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earned over $14 million writing, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub