Question 1mediummultiple choice
Read the full Explain Vault architecture explanation →VA-003 Explain Vault architecture • Complete Question Bank
Complete VA-003 Explain Vault architecture question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. ``` $ vault status Key Value --- ----- Seal Type shamir Initialized true Sealed true Total Shares 5 Threshold 3 Version 1.13.0 Storage Type raft Cluster Name vault-cluster-abc123 Cluster ID abc123-def456-ghi789 HA Enabled true HA Cluster https://vault-1:8201 HA Mode standby Active Node Address https://vault-2:8201 ```
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Writes to a local file
Sends to system syslog
Sends to a TCP or UDP endpoint
Publishes to Kafka topic
Refer to the exhibit.
```hcl
seal "gcpckms" {
project = "my-project"
region = "global"
key_ring = "vault-keyring"
crypto_key = "vault-key"
}
storage "raft" {
path = "/opt/vault/data"
node_id = "node1"
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = true
}
```Refer to the exhibit. ``` $ vault operator raft list-peers Node Address State Voter ---- ------- ----- ----- node1 10.0.0.1:8201 leader true node2 10.0.0.2:8201 follower true node3 10.0.0.3:8201 follower true node4 10.0.0.4:8201 follower false node5 10.0.0.5:8201 follower false ```
Refer to the exhibit.
```json
{
"path": {
"secret/data/production/*": {
"capabilities": ["read", "list"]
},
"secret/data/staging/*": {
"capabilities": ["create", "update", "delete"]
}
}
}
```storage "file" {
path = "/vault/data"
}
seal "awskms" {
region = "us-west-2"
kms_key_id = "1234abcd-12ab-34cd-56ef-1234567890ab"
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = "false"
tls_cert_file = "/etc/vault/vault.crt"
tls_key_file = "/etc/vault/vault.key"
}
api_addr = "https://vault.example.com:8200"
cluster_addr = "https://vault.example.com:8201"Key Value --- ----- Seal Type shamir Initialized true Sealed false Total Shares 5 Threshold 3 Version 1.15.2 Storage Type consul Cluster Name vault-cluster Cluster ID abc123 HA Enabled true HA Cluster n/a HA Mode standby Active Node Address <none> Raft Committed Index 42 Raft Applied Index 42
{
"time": "2023-10-01T12:00:00Z",
"type": "request",
"auth": {
"client_token": "hmac-sha256:abc123",
"policies": ["default"]
},
"request": {
"path": "secret/data/mysecret",
"operation": "read",
"data": null
},
"response": {
"data": {
"data": {
"password": "hmac-sha256:def456"
}
}
}
}storage "raft" {
path = "/vault/data"
node_id = "node1"
retry_join {
leader_api_addr = "https://10.0.0.2:8200"
}
retry_join {
leader_api_addr = "https://10.0.0.3:8200"
}
}
seal "shamir" {
secret_shares = 5
secret_threshold = 3
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = true
}path "secret/data/engineering" {
capabilities = ["read", "list"]
}
path "secret/data/finance" {
capabilities = ["deny"]
}
path "secret/data/engineering/*" {
capabilities = ["create", "update", "delete"]
}
path "secret/data/finance/*" {
capabilities = ["deny"]
}Error: failed to initialize storage: no storage backend configured
path "secret/data/team/*" {
capabilities = ["create", "update", "read", "delete"]
}
path "secret/data/team/billing" {
capabilities = ["read"]
}