The goal of this lab is to configure HashiCorp Vault so that it provides authentication for a web application API. This is achieved by creating a KV secrets engine whose contents are compared with what the user sends in the authentication header. If there is a match, the API GET request is authenticated by the secrets engine; if there is no match, the request is classified as unauthorized.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Unseal the Vault and Log in with the Root Token
  - Unseal the vaults.
  - Log in with the root token.
- Enable a `kv` Store and Limit its Access
  - Enable a `kv` store.
  - Create a kv secret.
  - Create a policy for an access token.
  - Create an access token.
  - Test the token out.
- Clone the GitHub repo, modify the app code, and then run the app on the web server
  - Clone the GitHub repository.
  - Install pip for Python 3.
  - Install the Django framework.
  - Add the `Web Server` host to the list of allowed hosts.
- Test out the API call
  - Run the Django app.
  - Make a test call from the `Client Server`.
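The header check described in the lab goal, sketched as an added example (not the lab's or the repository's code): it pulls one field out of a Vault KV read response and compares it with the request header, failing closed on any error. The `Authorization` header name, the `api_key` field and the sample response are assumptions constructed for illustration.

```python
import hmac
import json

# Constructed sample of a Vault KV version 2 read response (not from the lab).
SAMPLE_KV_V2_RESPONSE = json.dumps({
    "data": {
        "data": {"api_key": "constructed-example-key"},
        "metadata": {"version": 1},
    }
})


def extract_secret(vault_body, field):
    """Return one string field from a KV read response, or None if absent.

    KV v2 nests the key/value pairs under data.data (next to data.metadata);
    KV v1 puts them directly under data. Both layouts are handled.
    """
    try:
        data = json.loads(vault_body)["data"]
    except (ValueError, KeyError, TypeError):
        # Not JSON, or an error body such as {"errors": [...]} with no data.
        return None
    if not isinstance(data, dict):
        return None
    inner = data.get("data")
    if isinstance(inner, dict) and "metadata" in data:
        data = inner
    value = data.get(field)
    return value if isinstance(value, str) else None


def authorize(headers, vault_body, field="api_key"):
    """Return 200 when the header matches the stored secret, otherwise 401."""
    presented = headers.get("Authorization", "")  # assumed header name
    expected = extract_secret(vault_body, field)
    # Fail closed: a missing stored secret or missing header is unauthorized.
    if not expected or not presented:
        return 401
    # compare_digest keeps the comparison time independent of the match position.
    ok = hmac.compare_digest(presented.encode(), expected.encode())
    return 200 if ok else 401
```
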