Vault
Access a Vault Cluster on HCP
Now that you have created a new HCP Vault Dedicated instance, you will need to perform some initial configuration to support your use case. A good practice is enabling auth methods to support user and workload authentication, and enabling secrets engines to store or generate secrets.
Vault Dedicated provides the same type of access as a self-hosted Vault cluster. You can access it through a command line interface (CLI) using the Vault binary, through the Vault API using common programming languages or tools such as cURL, or by using the Vault User Interface (UI).
Access the Vault cluster
Security consideration
When an HCP Vault Dedicated cluster has public access enabled, you can connect to Vault from any internet connected device. If your use case requires public access, we recommend configuring the IP allow list to limit which IPv4 public IP addresses or CIDR ranges can connect to Vault to limit the attack surface.
When the HCP Vault Dedicated cluster has private access enabled you will need to access the cluster from a connected cloud provider such as AWS with a VPC peering connection, a AWS transit gateway connection, or Azure with a Azure Virtual Network peering connection. For the purposes of this tutorial, your cluster should have public access enabled.
From Overview page, click Generate token in the New admin token card.
Click Copy to copy the new token to your clipboard
Click Launch web UI.
When the Vault UI launches in a new tab/window, enter the token in the Token field.
Click Sign In. Notice that your current namespace is
admin/
.
Help and reference
You logged into and accessed the Vault Dedicated cluster at the admin
namespace. In Vault Enterprise, each namespace can be treated as its own
isolated Vault environment. Learn more about namespaces in the Multi-tenancy
with Namespaces tutorial.