HashiCorp Updated Vault-Associate Exam Questions and Answers by elissa

Not all storage backends support high availability mode for Vault. Only the storage backends that support locking can enable Vault to run in a multi-server mode where one server is active and the others are standby. Some examples of storage backends that support high availability mode are Consul, Integrated Storage, and ZooKeeper. Some examples of storage backends that do not support high availability mode are Filesystem, MySQL, and PostgreSQL. References: https://developer.hashicorp.com/vault/docs/concepts/ha 1, https://developer.hashicorp.com/vault/docs/configuration/storage 2

AppRole is a machine-oriented authentication method that allows machines or applications to authenticate with Vault using a role ID and a secret ID. The role ID is aunique identifier for the application, and the secret ID is a single-use credential that can be delivered to the application securely. AppRole is designed to provide secure introduction of machines and applications to Vault, and to support the principle of least privilege by allowing fine-grained access control policies to be attached to each role1.

Okta, GitHub, and Transit are not machine-oriented authentication methods. Okta and GitHub are user-oriented authentication methods that allow users to authenticate with Vault using their Okta or GitHub credentials23. Transit is not an authentication method at all, but a secrets engine that provides encryption as a service4.

References:

• AppRole Auth Method | Vault | HashiCorp Developer
• Okta Auth Method | Vault | HashiCorp Developer
• GitHub Auth Method | Vault | HashiCorp Developer
• Transit Secrets Engine | Vault | HashiCorp Developer