In this video, we discuss and demo #HashiCorp #Vault authentication with #Azure Active Directory (AAD). Our setup is as follows:
- We have 2 Vault clusters in AWS. One is a primary cluster and the other is a disaster recovery (DR) cluster.
- Both clusters are made up of 3 Vault nodes each.
- Integrated storage is used for the backend storage.
- A public-facing network load balancer is used in AWS connecting to all 6 Vault nodes.
- The 3 Vault nodes in the DR cluster will appear as unhealthy to the load balancer, which is fine because they are in standby mode and can't serve traffic.
- The load balancer is in pass-through mode for TLS, so TLS is terminated directly on the Vault nodes themselves. This is a good practice to consider because no intermediary sits in the middle decrypting traffic.
Here is the workflow for user authentication:
- A user hits a Vault node via the load balancer and goes to the authentication page in the UI or logs in via the CLI.
- The user then chooses the OIDC authentication method.
- Vault reaches out to AAD to authenticate the user.
- AAD authenticates the user and redirects them back to Vault via the load balancer.
- The user is now logged into Vault and is allowed to access secrets defined in the policy attached to the OIDC role.
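The workflow above, sketched as Vault CLI configuration. This is an added example, not the configuration from the video or its GitHub repo; the environment variable names, the role name `aad-users` and the policy name `aad-secrets-read` are assumptions. It shows that the UI redirect URI has to be built from the load balancer address, since that is where AAD sends the browser back.

```bash
#!/bin/sh
# Added example. Assumed names: VAULT_LB_ADDR, AAD_TENANT_ID, AAD_CLIENT_ID,
# AAD_CLIENT_SECRET_FILE, role "aad-users", policy "aad-secrets-read".

# UI callback: must use the load balancer address the browser sees, not a node address.
ui_redirect_uri() {   # $1 = load balancer base URL, $2 = auth mount path
  printf '%s/ui/vault/auth/%s/oidc/callback' "${1%/}" "$2"
}

# CLI callback: `vault login -method=oidc` listens on localhost:8250.
cli_redirect_uri() { printf 'http://localhost:8250/oidc/callback'; }

# AAD v2.0 issuer for a tenant; Vault fetches the OIDC discovery document from here.
discovery_url() { printf 'https://login.microsoftonline.com/%s/v2.0' "$1"; }

# Tokens and auth codes cross the load balancer, so refuse a non-TLS address.
check_lb_addr() {
  case "$1" in
    https://*) return 0 ;;
    *) echo "VAULT_LB_ADDR must be https://" >&2; return 1 ;;
  esac
}

configure_oidc() {
  check_lb_addr "${VAULT_LB_ADDR:?set to the load balancer URL}" || return 1
  vault auth enable oidc
  # @file keeps the client secret out of argv and shell history.
  vault write auth/oidc/config \
    oidc_discovery_url="$(discovery_url "${AAD_TENANT_ID:?}")" \
    oidc_client_id="${AAD_CLIENT_ID:?}" \
    oidc_client_secret=@"${AAD_CLIENT_SECRET_FILE:?}" \
    default_role="aad-users"
  # Only the two listed callbacks are accepted; the role grants one policy.
  vault write auth/oidc/role/aad-users \
    user_claim="sub" \
    allowed_redirect_uris="$(ui_redirect_uri "$VAULT_LB_ADDR" oidc)" \
    allowed_redirect_uris="$(cli_redirect_uri)" \
    token_policies="aad-secrets-read"
}

# Run with "apply" as the first argument to execute against $VAULT_ADDR.
if [ "${1:-}" = "apply" ]; then configure_oidc; fi
```

Both redirect URIs also have to be registered on the AAD app registration, otherwise AAD rejects the redirect back to Vault.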
▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬
00:00 - Introduction
00:18 - Setup
04:26 - Demo
07:40 - Configuration Walk-through
11:25 - Conclusion
▬▬▬▬▬▬▬▬ Useful Links 🛠 ▬▬▬▬▬▬▬
- OIDC Provider Configuration for AAD ► www.vaultproject.io/docs/auth...
- GitHub Repo ► github.com/samgabrail/vault-r...