To link a user to a group through their UID when utilizing LDAP authentication in HashiCorp Vault, follow these steps:
Identify the group you want to link the user to and obtain its distinguished name (DN).
Create a new LDAP policy in Vault that grants the necessary access to the group. For example:
path "secret/my-group/*" {
  capabilities = ["read", "list"]
}
$ vault write auth/ldap/groups/my-group policies=my-group-policy
$ vault write auth/ldap/users/<UID> groups=my-group
vault kv get command to retrieve a secret from the group's path.
$ vault login -method=ldap username=<USERNAME>
$ vault kv get secret/my-group/secret-name
If successful, the above command should return the value of the secret-name key.
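The group mapping and policy check from this answer, modelled in Python as an added example (not part of the original answer and not Vault's own code). The UID jdoe and all function names are assumptions; the model also covers a KV v2 mount, where vault kv get requests <mount>/data/<key>, so a policy path of secret/my-group/* no longer matches.

```python
# Added illustration: a simplified model of policy resolution, not Vault's code.
# Names mirror the answer; the UID "jdoe" is a constructed placeholder.
GROUP_POLICIES = {"my-group": ["my-group-policy"]}   # auth/ldap/groups/<group>
USER_GROUPS = {"jdoe": ["my-group"]}                 # auth/ldap/users/<UID>
POLICIES = {"my-group-policy": {"secret/my-group/*": {"read", "list"}}}


def api_path(mount, key, kv_version):
    """Path that `vault kv get <mount>/<key>` requests on a KV v1 or v2 mount."""
    return f"{mount}/data/{key}" if kv_version == 2 else f"{mount}/{key}"


def path_matches(pattern, path):
    """Policy path match: trailing '*' is a prefix glob, '+' is one segment."""
    glob = pattern.endswith("*")
    p_segs = pattern[:-1].split("/") if glob else pattern.split("/")
    r_segs = path.split("/")
    if glob:
        if len(r_segs) < len(p_segs):
            return False
        # The last pattern segment only has to prefix the request segment.
        if not r_segs[len(p_segs) - 1].startswith(p_segs[-1]):
            return False
        p_segs = p_segs[:-1]
        r_segs = r_segs[:len(p_segs)]
    elif len(p_segs) != len(r_segs):
        return False
    return all(p in ("+", r) for p, r in zip(p_segs, r_segs))


def token_policies(uid, ldap_groups=()):
    """Union of directory-returned groups and groups mapped to the UID in Vault."""
    groups = set(ldap_groups) | set(USER_GROUPS.get(uid, []))
    return sorted({p for g in groups for p in GROUP_POLICIES.get(g, [])})


def allowed(uid, capability, path, policies=POLICIES, ldap_groups=()):
    """True if any policy on the user's token grants `capability` on `path`."""
    return any(
        capability in caps
        for name in token_policies(uid, ldap_groups)
        for pattern, caps in policies.get(name, {}).items()
        if path_matches(pattern, path)
    )


if __name__ == "__main__":
    for version in (1, 2):
        path = api_path("secret", "my-group/secret-name", version)
        print(f"KV v{version}: {path} -> read allowed: {allowed('jdoe', 'read', path)}")
```

On a KV v2 mount the policy path would need to be secret/data/my-group/* for the read in the last step to succeed.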
Asked: 2022-06-12 11:00:00 +0000
Last updated: Dec 31 '21