Learn How to Run a Multi-tenant Vault with the New Namespaces Feature
Aug 15, 2018
Namespaces allow you to create distinct "mini-Vaults" with their own separate policies, mounts, tokens, and identity entries. Learn how to use this new feature.
- Jake LundbergSenior Solutions Engineer, HashiCorp
Namespaces introduces a new model for easier delegation within Vault.
Namespaces allows users to manage ACL policy creation and editing for paths for self-management and secure multi-tenancy. This webinar, featuring Jake Lundberg from HashiCorp, will talk about everything that is new with Namespaces and dive into how to set up multi-tenancy with Namespaces in Vault.
Watch this webinar to learn:
- What Vault Namespaces are
- How Namespaces work with Sentinel
- How to get up and running with Vault Namespaces
Questions asked during this webinar
- When will be Namespaces be released?
- Are these namespaced ACLs going to be an Enterprise-only feature?
- Is there a secrets migration plan to adapt namespaces from existing non-namespaces? (without impact to consuming apps)
- Do you have any examples of an API read or write using namespaces?
- Are the namespace policies (ACL) unique per namespace? Can we re-use the ACL name in different namespaces?
- Is there a limit in the number of namespaces that can be created?
- We are currently using a version older than 8.x. Will there be any issues in upgrading to the latest version?
- Are all the Auth Methods namespace aware? (LDAP, AppRole..etc)
- What are the best practices for creating policies? Can you create policies locally, for example, then export out to dev/build cluster?
- Namespaces are hierarchical but do policies have inheritance? Redundancy?
- What are value additions of using namespaces in terms of maintenance/security/administration/portability/etc?