Section Overview

Vault Secrets Engines are the core building blocks of any HashiCorp Vault deployment. They handle everything from storing static secrets and generating dynamic credentials to issuing certificates and performing encryption. In fact, every Vault feature you interact with is delivered via a Secrets Engine. Below are the Vault Associate Exam objectives related to Secrets Engines:

Exam Objective	Description
Choose a secret method based on use case	Identify the appropriate Secrets Engine for different scenarios
Contrast static vs. dynamic secrets	Explain the differences and ideal use cases for each secret type
Define the Transit Secrets Engine	Understand the purpose and functionality of the Transit engine
Define what Secrets Engines are	Describe the role and mechanics of Secrets Engines in Vault

Although the exam lists these objectives in the order above, this guide follows a more natural progression:

What is a Secrets Engine?
Static vs. Dynamic Secrets
Selecting the Right Secrets Engine for Your Use Case
Deep Dive: The Transit Secrets Engine

Let’s get started!

Introduction

Introduction to Vault

Learning the Vault Architecture

Installing Vault

Compare Authentication Methods

Create Vault Policies

Assess Vault Tokens

Compare and Configure Secrets Engines

Vault Agent

Vault Replication

Watch Video