Configure and Test HashiCorp Vault REST API

1 hour
  • 4 Learning Objectives

About this Hands-on Lab

In this hands-on lab, we will be required to create a token along with a policy allowing us to create and work with secrets at specific paths. We achieve this by making various requests to the API endpoints.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Log in with Root Token and Unseal Vault
  • Unseal vault.
  • Log in with root token.
Enable kv Secrets Engine on Multiple Arbitrary Paths
  • Enable kv secrets engine at secrets-kv-X path.
  • Enable kv secrets engine at secrets-kv-Y path.
  • Enable kv secrets engine at secrets-kv-Z path.
Create a Policy for All the Previously Created Paths – CREATE, READ, DELETE
  • Create a policy file.
  • Populate a policy file.
  • Write a policy.
Create a Token with the Previously Created Policy and Test Out the API Calls with curl
  • Create token and assign the newly created policy.
  • Create secrets.
  • Get a secret.
  • Delete a secret.
  • Try to get a deleted secret.

Additional Resources

  • Use dig to get the domain name of the server or open the Domain file:
    dig -x <SERVER PUBLIC IP>
    cat /home/cloud_user/Domain
  • Vault keys and root token are located at:

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?