Configure
Configure Nitride to integrate with external systems, and implement custom authentication and authorization mechanisms.
Nitride is built around the Vault core - a popular open-source tool for securely storing and managing secrets. While Vault provides a robust core functionality, its versatility can be extended through the creation of plugins. These plugins allow users to tailor Vault to specific use cases, integrate with external systems, and implement custom authentication and authorization mechanisms.
Nitride extension ratls
is an authentication module, adding workload identity methods to the core.
To verify that the extension is registered, run the following command:
vhsm plugin list
Output is similar to:
Name Type Version
---- ---- -------
alicloud auth v0.15.0+builtin
approle auth v1.3.7+builtin.vault
aws auth v1.3.7+builtin.vault
azure auth v0.16.0+builtin
centrify auth v0.15.1+builtin
cert auth v1.3.7+builtin.vault
cf auth v0.15.0+builtin
gcp auth v0.16.0+builtin
github auth v1.3.7+builtin.vault
jwt auth v0.16.0+builtin
kerberos auth v0.10.0+builtin
kubernetes auth v0.16.0+builtin
ldap auth v1.3.7+builtin.vault
oci auth v0.14.0+builtin
oidc auth v1.3.7+builtin.vault
okta auth v1.3.7+builtin.vault
pcf auth v1.3.7+builtin.vault
radius auth v1.3.7+builtin.vault
ratls auth v1.3.7+builtin.vault
userpass auth v1.3.7+builtin.vault
cassandra-database-plugin database v1.3.7+builtin.vault
couchbase-database-plugin database v0.9.2+builtin
Enable Remote Attestation through TLS
Enable remote attestation using the
vhsm nitride init
command.
Verify that the endpoint has been enabled correctly:
vhsm auth list
Output:
Path Type Accessor Description Version
---- ---- -------- ----------- -------
ratls/ ratls auth_ratls_70c308c0 Remote attestation plugin for usage with vhsm nitride n/a
token/ token auth_token_10743d4c Token-based credentials n/a
Fore more information about creating identities, policies, and other tasks, see using CLI.
Last updated
Was this helpful?