From bcb9dec04c3d60025726054f6cf952da96080390 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A4=D0=B5=D0=B4=D0=BE=D1=80=D0=BE=D0=B2=20=D0=94=D0=BC?= =?UTF-8?q?=D0=B8=D1=82=D1=80=D0=B8=D0=B9?= Date: Tue, 9 Jul 2024 14:24:33 +0300 Subject: [PATCH] add vault --- DevOps/Hashicorp-Vault/hashicorp-vault.md | 0 DevOps/Hashicorp-Vault/image-1.png | Bin 0 -> 5363 bytes DevOps/Hashicorp-Vault/image.png | Bin 0 -> 1827 bytes DevOps/Hashicorp-Vault/vault-with-ldap.md | 66 ++++++++++++++++++++++ 4 files changed, 66 insertions(+) create mode 100644 DevOps/Hashicorp-Vault/hashicorp-vault.md create mode 100644 DevOps/Hashicorp-Vault/image-1.png create mode 100644 DevOps/Hashicorp-Vault/image.png create mode 100644 DevOps/Hashicorp-Vault/vault-with-ldap.md diff --git a/DevOps/Hashicorp-Vault/hashicorp-vault.md b/DevOps/Hashicorp-Vault/hashicorp-vault.md new file mode 100644 index 0000000..e69de29 
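Review bot: DevOps/Hashicorp-Vault/hashicorp-vault.md is added as an empty file (the index line `0000000..e69de29` is the empty blob and the stat line shows it contributes no lines). Either drop it from this commit or give it at least a title and a pointer to vault-with-ldap.md, otherwise the directory ships with a dead placeholder that readers will open expecting the main Vault notes.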
diff --git a/DevOps/Hashicorp-Vault/image-1.png b/DevOps/Hashicorp-Vault/image-1.png new file mode 100644 index 0000000000000000000000000000000000000000..426ddcf0fbf721ace27e8b48b18788dfabf3c835 GIT binary patch literal 5363 (binary image data omitted)
diff --git a/DevOps/Hashicorp-Vault/image.png b/DevOps/Hashicorp-Vault/image.png new file mode 100644 index 0000000000000000000000000000000000000000..756654b89f55c21040c75083a18af3893fe0aba8 GIT binary patch literal 1827 (binary image data omitted)
diff --git a/DevOps/Hashicorp-Vault/vault-with-ldap.md b/DevOps/Hashicorp-Vault/vault-with-ldap.md new file mode 100644 index 0000000..2a23107 --- /dev/null +++ b/DevOps/Hashicorp-Vault/vault-with-ldap.md
@@ -0,0 +1,66 @@ +# Развертывание Hashicorp Vault на стенде с Microsoft Active Directory (LDAP) + +## Политики и пользователи + +Политики в Vault по сути напоминают права или access list (ACL). К юзеру или группе привязан ACL, с разного рода правами же. + +## Настройка образца политик + +Сначала настроим политики – потому что пользователи и группы привязаны в политике, а ввиду убогого GUI делается это не очевидно. Да и в руководстве по политикам прописано как-то странновато. https://developer.hashicorp.com/vault/tutorials/getting-started/getting-started-policies?in=vault%2Fgetting-started + +Посмотрим, что у нас есть: +Логинимся через токенЖ +``` +vault login +``` +Проверяем, что все успешно +``` +vault status +``` +Окей, сервер работает. Проверим сикреты. + +``` +vault secrets list +``` + +Проверим существующие политики: +``` +vault policy list +``` +![alt text](image.png) + +Создадим шаблон под политику: +```bash +nano policyUSER1.hcl + +# policyUSER1 +# Write and manage secrets in key/value secrets engine +path "kv_UserAD/*" { +capabilities = [ "create", "read", "update", "delete", "list" ] +} +``` +Почитаем help и применим политику +``` +vault policy write -h +vault policy write policyuser1 /home/vuser/policyUSER.hcl +``` +![alt text](image-1.png) + +Создадим групповую политику +```bash +nano policy_groupad_fullacess1.hcl + +# policy_groupad_fullacess1 +path "kv_groupAD/*" { +capabilities = [ "create", "read", "update", "delete", "list" ] +} + +# Выполним +vault policy write policy_groupad_fullacess1 /home/vuser/policy_groupad_fullacess1.hcl +``` + +Удостоверимся, что все записалось +``` +vault policy list +vault policy read policy_groupad_fullacess1 +``` \ No newline at end of file
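Review bot: the user policy is created as `policyUSER1.hcl` but applied with `vault policy write policyuser1 /home/vuser/policyUSER.hcl`, so unless a second file with that name exists the write fails with a file-not-found error; use the same filename in both places (the group policy below does this correctly with `policy_groupad_fullacess1.hcl`). The mismatch between the comment `# policyUSER1` and the registered name `policyuser1` is harmless only because Vault normalizes policy names to lowercase, which is worth stating so the reader does not go looking for a policy that "was not created". Three further points on this hunk. First, the sentence opening "Сначала настроим политики" claims that users and groups are bound inside the policy; in Vault it is the reverse, a policy is attached to a token, entity, group or auth-method mapping (for this setup, the LDAP group mapping), so the sentence should be reworded before the next part of the guide builds on it. Second, both `.hcl` blocks put the `nano ...` command and the HCL file body in one `bash` fence, so a reader who pastes the block runs `path "kv_UserAD/*" {` as shell; show the file contents on their own or write them with a heredoc, and keep the `vault policy write` line in a separate command block as the first section already does. Third, `kv_UserAD/*` and `kv_groupAD/*` match only a KV v1 mount; if these engines are KV v2 the paths must be `kv_UserAD/data/*` (plus `kv_UserAD/metadata/*` for `list`), and the file never states which version the mounts use, so add the `vault secrets list -detailed` check or name the version explicitly. Minor: "токенЖ" should be "токен:" (a Cyrillic Zhe where the colon was meant), and "fullacess" should be "fullaccess"; it is used consistently so the commands work, but the misspelled policy name will propagate into the LDAP group mapping.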