2018年12月20日 HYAKUNA YKO

我们很高兴地宣布更多的动手指南, 以帮助您学习和集成 vault 作为您的机密管理解决方案。一些预先存在的指南也已更新。

新指南:

更新的指南:

在 vault 1.0 中, 我们开放了以前需要* vault enterprise pro* 的自动解封功能。现在, 您可以通过受信任的云提供商 (阿里云 KMS、亚马逊 KMS、Azure Key Vault 和 谷歌云 KMS) 选择自动解封。

Vault Agent 是一个客户端后台驻留程序, 它自动执行客户端登录和令牌刷新的工作流, 以管理令牌生命周期, 而无需自定义逻辑。

本指南将引导您完成使用 AWS auth 方法配置 Vault 代理所需的步骤。

KubeCon 最重要的要求之一是如何与 Kubernetes 一起使用 Vault。本指南演示如何从 Kubernetes 环境中利用 Vault 代理。

您将学习如何设置 Kubernetes auth 方法, 然后配置 Vault 代理以获取和管理在 pod 中运行的客户端的 Vault 令牌。

保管库入门-

Vault 1.0 引入了批量令牌，这些令牌支持临时、高性能的工作负载。本指南已更新, 以突出显示和比较服务令牌和批处理令牌的特征.

【原文】Vault Learning Resources: 1.0, Auto-unseal, Agent, Kubernetes

DEC 20 2018 YOKO HYAKUNA

We are excited to announce additional hands-on guides to help you learn and integrate Vault as your secrets management solution. Some of the pre-existing guides have also been updated.

New guides:

Updated guides:

In Vault 1.0 we open sourced the auto-unseal feature which previously required Vault Enterprise Pro. Now you can opt-in to automatic unsealing via your trusted cloud provider: AliCloud KMS, Amazon KMS, Azure Key Vault, and Google Cloud KMS.

Vault Agent is a client daemon which automates the workflow of client login and token refresh to manage the token lifecycle without requiring custom logic.

This guide walks you through the steps needed to configure Vault Agent using the AWS auth method.

One of the top requests from KubeCon was how to use Vault with Kubernetes. This guide demonstrates how to leverage the Vault Agent from a Kubernetes environment.

You will learn how to set up the Kubernetes auth method and then configure the Vault Agent to acquire and manage Vault tokens for the clients running in a pod.

Vault Getting Started -

Vault 1.0 introduced batch tokens which support ephemeral, high performance workloads. This guide has been updated to highlight and compare the characteristics of service tokens and batch tokens.