Vault 1.5 was announced on July 21st and many of us are itching to try and experiment with those new features! Come visit the Vault Learn site where you will find the Vault 1.5 Release Highlights with the list of tutorials that are now available.
RedHat's OpenShift is a distribution of the Kubernetes platform that provides a number of usability and security enhancements.
The Vault Installation to RedHat OpenShift via Helm tutorial walks you through the installation of Vault via the Helm chart on an OpenShift cluster. You will deploy two web applications: one that authenticates and requests secrets directly from the Vault server, and another that employs deployment annotations that enable it to remain Vault-unaware.
Performance Tuning provides guidelines and best practices for tuning the Vault environment for optimal performance. Learn some of the most common resource limitations and maximum values that you can encounter when tuning Vault for performance, and access best practice recommendations that should be applied when possible and practical, based on your specific environment and requirements.
Many people have asked for an updated Vault monitoring guide, so here it is! Monitor Telemetry & Audit Device Log Data with Splunk walks you through monitoring Vault telemetry metrics and audit device logs with Splunk, including configuration, key metrics for monitoring and alerting, and information about the new Vault Enterprise Splunk App. You will learn about important metrics to monitor, and action steps for responding to anomalies with specific metrics.
When Vault 1.4 announced integrated storage, it lacked the support for
ha_storage stanza is used along with the
storage stanza in the Vault server
configuration to handle the high availability (HA) coordination if the chosen
storage is a non-HA supporting storage backend.
As of Vault 1.5, integrated storage can be used as an
ha_storage to store information necessary to coordinate high availability.
Use Integrated Storage for HA Coordination walks you though the server configuration to leverage integrated storage as an HA storage.
Vault 1.5 introduced resource quotas to protect your Vault environment's stability and network, as well as storage resource consumption from runaway application behavior and distributed denial of service (DDoS) attacks.
Protecting Vault with Resource Quotas explains the usage of rate limit quotas and lease count quotas. You will explore and examine the error message that the quota violation throws and learn how to implement these protections against misbehaving applications and clients.
Often, an organization must adhere to specific password requirements and the Vault generated passwords may not comply with the rules.
Vault 1.5 introduced support for configurable password generation defined by a password policy. User Configurable Password Generation for Secret Engines walks you through the steps to create a password policy and configure a secrets engine to levearge it.
One of the pillars behind the Tao of Hashicorp is automation through codification.
Terraform Vault provider v2.12.0 introduced support for the Transform secrets engine, which came out in Vault 1.4. This tutorial showcases the ability of the Transform secrets engine to encode credit card numbers.
Vault SSH Help v0.1.6 announced a support for Vault Enterprise namespaces.
Extensive work has been done to the Vault UI in Vault 1.5 to improve the operational tasks for managing enterprise replications. The following tutorials were updated with new workflow and screenshots.
Check out these new resources and more on HashiCorp Learn.
A recap of HashiCorp infrastructure and security news and developments on AWS from the past year, from self-service provisioning to fighting secrets sprawl and more.
Vault benchmark is an open source tool that tests the performance of HashiCorp Vault auth methods and secrets engines.
If you’re attending AWS re:Invent in Las Vegas, Nov. 27 - Dec. 1, visit us for breakout sessions, expert talks, and product demos to learn how to accelerate your adoption of a cloud operating model.