Jump to content

New Learn Tutorials: Secure Consul with Vault's Secret Engines

Recommended Posts

We have three new step-by-step tutorials on HashiCorp Learn that enable you to secure HashiCorp Consul with Vault. Each tutorial also includes an interactive, in-browser lab where you can test each integration.

Get Hands-On Experience Securing Consul with Vault

In the first tutorial, secure agent-to-agent gossip communication with Vault's secure secrets management. Consul uses gossip traffic between all agents in the datacenter to communicate membership information. This communication should be secured with a symmetric key, since gossip between agents is done over UDP. This tutorial will also include gossip key rotation and management with consul-template. The Consul template tool provides a programmatic method for rendering configuration files from a variety of locations. To learn more about how gossip key rotation can keep your datacenter secure, check out this related tutorial: Rotate Gossip Encryption Keys in Consul.

In the second tutorial, secure Consul's consensus and RPC traffic with Vault-managed mTLS certificates. Consul uses consensus for leadership communication between servers and RPCs requests are forwarded from all agents to the leading server. To secure both types of traffic, Consul supports using TLS to verify the authenticity of servers and clients. This tutorial also includes using consul-template to create and manage Vault-managed mTLS certificates.

In the third tutorial, configure the Consul secrets engine in Vault to deliver Vault-managed Consul Access Control tokens. Consul uses Access Control Lists (ACLs) to secure access to the UI, API, CLI, and agent data.

Check Out What's New in Consul 1.9

Want to learn more about the latest Consul features? Check out these two tutorials to test out features new to Consul 1.9:

View the full article

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...