HashiCorp Vault Certification 2021: Resources to help learn

A brief overview of Vault

Vault is one of HashiCorp’s products with a vision to help manage secrets. Its versatile features, offerings, and being cloud-agnostic sets it-self apart from other secret management tools.

In layman terms, think of Vault as a one-stop-shop for secrets management, encryption as a service, identity-based access across multiple cloud environments.

With Vault, you can assign granular access and control to tokens, certificates, passwords, and much more.

Why is a tool like Vault important? (To name a few)

• If you are running multi-cloud architecture, you may need some sort of management tool that can support and integrate employees/client's access to secured data and tokens with ease. The main focus of the tool here is to shift manual work for the developers to let the tool handle these mundane tasks.
• If you have heaps of static secrets lying around, are they really needed or they exist for one-time use? How much time are you going to spend later figuring this out if the use isn’t properly documented? Why not use a tool that can automatically handle generation, renewal, and revocation?

How can you use Vault in your company? (To name a few)

Dynamic Secrets - "Dynamically create, revoke, and rotate secrets programmatically."

• If your CI/CD needs to use secrets, passwords, access keys — you can use the vault’s dynamic secrets feature to create these dynamically for the duration of the pipeline process, and when specified Vault will automatically revoke the secrets after.

Data Encryption - "Vault can encrypt and decrypt data without storing it."

• Use Transit Engine from Vault to “encrypt data in your applications, sign and verify data; generate hashes and HMACs; and act as a source of random bytes.”

Leasing and Renewal - "All secrets in Vault have a lease associated with them. At the end of the lease, Vault will automatically revoke that secret.

• For example, I can create tokens with a set configuration

#token expires in 30 min
vault token create -policy=default -period=30m
#token can only be used twice
vault token create -policy=default -use-limit=2
#renew locally authenticated token
vault token renew

Study Guide and Preparation

Vault Project

1. Getting Started Tutorial
2. Interactive Labs — Powered by KataKoda
3. Review Certification Blueprint links

Udemy Courses I took

1. Zeal Vora — HashiCorp Certified: Vault Associate 2021
2. Bryan Krausen — Getting Started with HashiCorp Vault

Practice Tests

1. Integrated into the Course — Zeal Vora — HashiCorp Certified: Vault Associate 2021
2. Bryan Krausen — HashiCorp Certified: Vault Associate Practice Exam

Additional Resources

1. HashiCorp Youtube Channel
2. Bhargav Bachina — 200 Practice Questions For HashiCorp Vault Associate Certification
3. Stanislas Quastana — Preparation Guide for HashiCorp Certified Vault Associate

Quick Facts

• Like many other certifications, it's easy to study this relatively quickly and pass as it only covers basic knowledge of the tool.
• It's important to note that it may be beneficial for you and the company you work for long term if you can build mini-projects/proof-of-concept/use cases around a tool you are working towards rather than just grasping the information.
• What helps me learn in general for these certifications

Think beyond the certification - What is the tool’s vision and focus? What problems does it solve? How can these features help the company or a team?
Asking yourself more questions and being curious - What does this command do? What happens if I click this button? How can I enable this? How do I integrate that? How I can combine these features? Asking questions helps give you clarity. Don't only do what is told, try to break things, you have wings to do what ever you want! Especially with Vault's dev server!
Read and apply - For every input of information gained throughout the learning process, find a way to apply that knowledge to make it stick and connect the dots. It can be through hands-on or writing an article like this. Teaching or sharing a tool with a coworker can spark a great conversation and help you gain more insight.

• Find multiple streams of learning

- Don't just stick to Udemy or Youtube - branch out
- Google your tool - there may be tons of tutorials, knowledge base, articles other people have already done for you
- Go on Reddit or Stackoverflow - see what people are saying about the tool. What issues they are facing, how you can learn or help solve.
- Books - perhaps someone took their time to write a book about it, check when its published.

• Knowing there are so many ways to learn, you will find yourself jumping from one thing to another pretty quickly and may lose track. It's important to write down a couple of resources you like and stick to them.
• My study duration: 2 months (almost an hour each day). Of course took breaks for a couple of days

I hope this helped, please feel free to reach out if I can be of any help.