Configure
Nitride is built around the Vault core - a popular open-source tool for securely storing and managing secrets. While Vault provides a robust core functionality, its versatility can be extended through the creation of plugins. These plugins allow users to tailor Vault to specific use cases, integrate with external systems, and implement custom authentication and authorization mechanisms.
You find vault extensions in the folder /vault/plugins
.
Nitride extension vault-plugin-auth-ratls
is an authentication module, adding workload identity methods to the core.
1.3.0
3570095bf53a59a03a0c7f69f96f242e49fad853ed0d82447297008d5b4eb556
1.3.1
f375976ad31c8eebeb53cd757967dea4c6e4b152b51b4e98f79ccc691b7d4033
1.3.2
576eff028bfbd19aadca518d730a385beccd8cb932c0c323f1bcda8228622490
Before the registration, we recommend to validate the integrity of the plugin binary
Register Nitride
To register the Nitride plugin, use the following command with the above SHA-256 digest
:
To verify successful registration, run the command below and look for vault-plugin-auth-ratls
in the list:
Enable Remote Attestation through TLS
To enable remote attestation and expose the endpoint path /ratls
, execute the following command:
Run the command below to confirm that the endpoint has been enabled correctly:
You should see an output similar to this:
Last updated