Write and Test a HashiCorp Vault Policy

1 hour
  • 4 Learning Objectives

About this Hands-on Lab

As part of this lab, we will need to create two policies for two paths and define different permissions. Once the policies are in place, we can assign them to tokens and test out access to the paths.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Enable kv Secrets Engine at Two Paths
  • Enable kv secrets engine at secrets-kv-X path
  • Enable kv secrets engine at secrets-kv-Y path
Create a Policy that Allows Read Access at secrets-kv-X Path and Write Access at secrets-kv-Y Path
  • Create a policy file
  • Populate a policy file
  • Write a policy
Create a Policy that Allows Read Access at secrets-kv-Y Path and Write Access at secrets-kv-X Path
  • Create a policy file
  • Populate a policy file
  • Write a policy
Create Two Tokens, Each with One Policy and Test It Out!
  • Create token with policy XY
  • Create token with policy YX
  • Test token with policy XY

Additional Resources

  • Use dig to get the domain name of the server or open the domain file:

    dig -x <SERVER PUBLIC IP>
    cat /home/cloud_user/Domain
  • Vault keys and root token are located at:

    /home/cloud_user/Keys

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Get Started
Who’s going to be learning?

How many seats do you need?

  • $499 USD per seat per year
  • Billed Annually
  • Renews in 12 months

Ready to accelerate learning?

For over 25 licenses, a member of our sales team will walk you through a custom tailored solution for your business.


$2,495.00

Checkout
Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!