Vault Learning Resources: Vault 1.3 features and more
We are excited to announce additional hands-on guides to help you learn and integrate Vault as your secrets management solution.
What's New?
- Active Directory Service Account Check-out: This guide walks you through the new feature made available with the Active Directory secrets engine.
- HSM Integration - Entropy Augmentation: This guide demonstrates the integration with HSM to allow an external entropy source in Vault.
- Troubleshooting Vault: This guide provides a general approach to finding errors and troubleshooting Vault.
- Codify Management of Vault: This Katacoda scenario demonstrates the use of Terraform to manage your Vault configuration.
Active Directory Service Account Check-out
The Active Directory Service Account Check-out guide introduces the new feature added to the Active Directory (AD) secrets engine in Vault 1.3.
The AD secrets engine now allows Vault users to manage a set of AD credentials available within a system. This set of AD credentials can be shared within a team such that each team member is allowed to use only one selected credential at a time, with credentials rotated as a user checks their credentials back in.
HSM Integration - Entropy Augmentation
NOTE: Entropy Augmentation is a Vault Enterprise feature.
The HSM Integration - Entropy Augmentation guide demonstrates the Entropy Augmentation feature introduced in Vault Enterprise 1.3.
Critical to any cryptographic system is its entropy: the randomness of the pseudorandom number generator (PRNG) that produces the random numbers used in cryptographic operations such as key creation and encryption.
The HSM integration has now been extended to allow Vault to sample entropy (randomness for cryptographic operations) from an external source via the seals interface.
Troubleshooting Vault
The Troubleshooting Vault guide is designed to help you gather information to troubleshoot your Vault environment. This guide covers the following topics:
- Audit Logs
- Vault Server Logs
- Troubleshoot the storage backend
- Troubleshooting approach
- Reproduce the bug
- Source of the error
- Vault Policies
- Search Vault GitHub and Google Group
- [Vault 1.3] Vault debug tool
NOTE: The Vault debug tool is a new feature introduced in Vault 1.3.
Katacoda - Codify Management of Vault
The Codify Management of Vault tutorial is an interactive tutorial powered by Katacoda.
Once a Vault cluster is up and running, some initial setup needs to be performed before Vault clients can start accessing Vault (e.g. enable and configure auth methods, create policies, enable secrets engines). Terraform is a powerful infrastructure as code tool that can make that initial setup automated and repeatable.