You can test it out from the devsrv branch, which runs Vault Server in Dev mode. DO NOT deploy it in prod.
A quick guide for integrating Vault with JumpCloud LDAP as the auth backbone.
You will need:
- A JumpCloud Tenant - You can register for free.
- Vagrant installed on your dev box.
On JumpCloud:
- Create an LDAP binding account on JumpCloud.
- Create desired groups and add users.
On Vagrant:
- It is recommended to run vault_jc_ldap.sh line by line. Fill in your own JumpCloud OrgID, LDAP bind account name and password.
- You will get this message once logged in successfully via LDAP:
```
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.

Key                    Value
---                    -----
token                  <>
token_accessor         <>
token_duration         768h
token_renewable        true
token_policies         ["default" "systems_rw"]
identity_policies      []
policies               ["default" "systems_rw"]
token_meta_username    vault.sys_rw
```
- Now you can create your first secret and switch between different LDAP users, e.g. the read-only user should be able to read the value but not make changes to the secret.

```
vault kv put secret/hello foo=world
vault kv get secret/hello
```
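The following is an added example, not the repository's vault_jc_ldap.sh: it shows the LDAP auth configuration and the group-to-policy mapping that produce the read-write versus read-only behaviour described above. `systems_rw` is the policy name from the login output; the JumpCloud URL and DN layout, the `systems_ro` policy, the group names `vault-systems-rw` / `vault-systems-ro` and both policy bodies are assumptions to check against your own tenant.

```shell
#!/usr/bin/env bash
# Added example. Values marked "assumed" are hypothetical, not taken from the repo.
set -eu

ORG_ID="${JC_ORG_ID:-REPLACE_WITH_ORG_ID}"       # JumpCloud OrgID (placeholder)
BIND_USER="${JC_BIND_USER:-REPLACE_BIND_USER}"   # LDAP binding account (placeholder)
BASE_DN="ou=Users,o=${ORG_ID},dc=jumpcloud,dc=com"   # assumed JumpCloud DN layout

# Dev mode mounts secret/ as KV v2, so ACL paths need the data/ segment
# even though the CLI path is just secret/hello.
write_policies() {
  dir="$1"
  cat > "$dir/systems_rw.hcl" <<'EOF'
path "secret/data/*" {
  capabilities = ["create", "read", "update", "delete"]
}
path "secret/metadata/*" {
  capabilities = ["list", "read"]
}
EOF
  cat > "$dir/systems_ro.hcl" <<'EOF'
path "secret/data/*" {
  capabilities = ["read"]
}
path "secret/metadata/*" {
  capabilities = ["list", "read"]
}
EOF
}

# Needs VAULT_ADDR, a privileged token and JC_BIND_PASS in the environment.
configure_ldap() {
  dir="$1"
  vault auth enable ldap
  # bindpass=- reads the password from stdin, keeping it out of the process list.
  printf '%s' "$JC_BIND_PASS" | vault write auth/ldap/config \
    url="ldaps://ldap.jumpcloud.com:636" \
    binddn="uid=${BIND_USER},${BASE_DN}" bindpass=- \
    userdn="${BASE_DN}" userattr="uid" \
    groupdn="${BASE_DN}" groupattr="cn" \
    groupfilter="(&(objectClass=groupOfNames)(member={{.UserDN}}))"
  vault policy write systems_rw "$dir/systems_rw.hcl"
  vault policy write systems_ro "$dir/systems_ro.hcl"
  # Map LDAP groups to Vault policies (group names assumed).
  vault write auth/ldap/groups/vault-systems-rw policies=systems_rw
  vault write auth/ldap/groups/vault-systems-ro policies=systems_ro
}
```

Source the file, then call `write_policies <dir>` followed by `configure_ldap <dir>` against the dev server.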
Enjoy!