hands-on lab

Configuring Vault to Use LDAP Authentication

Difficulty: Intermediate
Duration: Up to 45 minutes
Students: 423
Rating: 4.8/5
On average, students complete this lab in30m
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.

Description

Lab Overview

HashiCorp Vault is a modern, multi-cloud-friendly solution for managing secrets at scale. To ease adoption of Vault into your organization, Vault provides LDAP authentication. In this Lab, you will learn how to configure Vault to using an organization's LDAP identities and groups for authentication without duplicating usernames, passwords, or memberships. You will create access policies that map to LDAP groups to seamlessly authorize LDAP users in Vault.

Lab Objectives

Upon completion of this Lab, you will be able to:

  • Install Vault on Linux systems
  • Enable and configure LDAP authentication in Vault
  • Create access policies that map to LDAP groups
  • Authenticate LDAP users using the Vault CLI

Lab Prerequisites

You should be familiar with:

  • Vault basics
  • LDAP directory and schema knowledge is beneficial, but not required

 

Updates

April 25th, 2023 - Resolved an issue that caused the lab to fail to set up on rare occasions

December 8th, 2022 - Added check to validate lab progression

January 10th, 2019 - Added a validation Lab Step to check the work you perform in the Lab

Environment before

Environment after

Covered topics

Hands-on Lab UUID

Lab steps

0 of 8 steps completed.Use arrow keys to navigate between steps. Press Enter to go to a step if available.
  1. Logging In to the Amazon Web Services Console
  2. Opening the AWS Cloud9 IDE
  3. Installing HashiCorp Vault
  4. Starting the Vault Sever in Development Mode
  5. Understanding the LDAP Directory
  6. Creating Vault Policies for the Organization
  7. Configuring Vault LDAP Authentication
  8. Testing the LDAP Authentication and Access Policies