HashiCorp Vault Associate Certification Master Course

Compare authentication methods

• Describe authentication methods

• Choose an authentication method based on use case

• Differentiate human vs. system-auth methods

Create Vault policies

• Illustrate the value of Vault policy

• Describe Vault policy syntax: path

• Describe Vault policy syntax: capabilities

• Craft a Vault policy based on requirements

Assess Vault tokens

• Describe Vault token

• Differentiate between service and batch tokens. Choose one based on use-case

• Describe root token uses and lifecycle

• Define token accessors

• Explain time-to-live

• Explain orphaned tokens

• Create tokens based on need

Manage Vault leases

• Explain the purpose of a lease ID

• Renew leases

• Revoke leases

Compare and configure Vault secrets engines

• Choose a secret method based on the use case

• Contrast dynamic secrets vs. static secrets and their use cases

• Define transit engine

• Define secrets engines

Utilize Vault CLI

• Authenticate to Vault

• Configure authentication methods

• Configure Vault policies

• Access Vault secrets

• Enable Secret engines

• Configure environment variables

Utilize Vault UI

• Authenticate to Vault

• Configure authentication methods

• Configure Vault policies

• Access Vault secrets

• Enable Secret engines

Be aware of the Vault API

• Authenticate to Vault via Curl

• Access Vault secrets via Curl

Explain Vault architecture

• Describe the encryption of data stored by Vault

• Describe cluster strategy

• Describe storage backends

• Describe the Vault agent

• Describe secrets caching

• Be aware of identities and groups

• Describe Shamir secret sharing and unsealing

• Be aware of replication

• Describe seal/unseal

• Explain response wrapping

• Explain the value of short-lived, dynamically generated secrets

Explain encryption as a service

• Configure transit secret engine

• Encrypt and decrypt secrets

• Rotate the encryption key