Add an Enterprise license to Vault, Consul, Nomad, or Boundary with environment variables, a license file, or a configuration value.
30min
Secure multi-tenancy with namespaces
Enable namespaces in Vault Enterprise or HCP Vault to create a secure multi-tenant environment.
10min
Manage secrets across namespaces
Manage and share secrets across multiple independent namespaces with each namespace using its own distinct access control list policies.
33min
Enable disaster recovery replication
Set up disaster recovery (DR) replication to protect your Vault Enterprise deployments from catastrophic failure.
56min
Recover from catastrophic failure with disaster recovery replication
Use disaster recovery (DR) replication to recover from a catastrophic cluster failure by failing over and failing back to original operating state.
5min
Scale horizontally with performance standby nodes
Achieve horizontal scale for read operations in your Vault cluster with performance standby nodes.
20min
Enable performance replication
Set up and manage Vault Enterprise Performance Replication.
23min
Monitor enterprise replication
Check and understand the status of enterprise replication between clusters.
10min
Troubleshoot and tune enterprise replication
Troubleshoot and tune Vault Enterprise performance and disaster recovery replication issues.
29min
Protect against resource exhaustion
Implement protections to prevent misbehaving applications and clients from exhausting available resources.
16min
Codify Vault Enterprise management with Terraform
Improve collaboration, increase repeatability, and reduce human errors by codifying Vault Enterprise management with the Terraform Vault provider.
11min
Generate certificates with HSM or KMS managed keys
Demonstrate the use of managed keys allowing PKI secrets engine to delegate
the private key management to the trusted external KMS.
25min
Enforce access control with Sentinel policies
Vault Enterprise supports Sentinel to provide a rich set of access control functionality. This tutorial walks through the creation and use of role governing policies (RGPs) and endpoint governing policies (EGPs).
22min
Evaluate Sentinel policies on HTTP requests
Learn about the Sentinel HTTP import, which enables use of HTTP-accessible data from outside the runtime. Explore related Vault server configuration and create an example Endpoint Governing Policy.
30min
Manage access to Vault with joint controller authorization
Improve security with Vault Enterprise control groups. Add joint controller authorization, and test requesting and receiving authorizations from additional controllers.
50min
Transform sensitive data with Vault
Transform secrets engine allows generation of cryptographically secure tokens mapped to sensitive data such as credit card numbers.
40min
Data tokenization with transform secrets engine
Learn how Vault's transform secrets engine performs data tokenization to provide maximum resistance to data being compromised.
28min
Manage client encryption keys with Vault as a KMIP server
Configure Vault to serve as Key Management Interoperability Protocol (KMIP) server.
10min
Key Management Secrets Engine with Azure Key Vault
Learn how to manage an Azure Key Vault key lifecycle using the Vault Key Management Secrets Engine.
15min
Key Management Secrets Engine with GCP Cloud KMS
Learn how to manage a Google Cloud Key Management Service key lifecycle using the Vault Key Management Secrets Engine.
12min
HSM integration - seal wrap
This tutorial demonstrates how Vault's seal wrap feature works to encrypt your secrets leveraging FIPS 140-2 certified HSM.
18min
SAML authentication
Learn how to authenticate with Vault using SAML and an identity provider.
16min
Use PKI with external policy services
Manage PKI with custom policies from an external policy service that operates outside of Vault.
10min
Synchronize cloud native secrets
Synchronize secrets between Vault Enterprise and cloud native secrets managers, like AWS Secrets Manager.
14min
Manage federated workload identities with AWS IAM and Vault Enterprise
Set up AWS IAM idenity provider (IdP) for your AWS Secrets and authentication engines.