HCP Vault Onboarding - What to Expect#
This document is to describe to service teams what they can expect from the secrets management team (SECM) when onboarding to HCP Vault.
Pre-Onboarding Steps#
- Service Team: Fill out the Service Level Readiness form for Vault The secrets management team will schedule a meeting to discuss use cases and next steps
- SECM: The secrets management team will provide documentation that includes:
- SECM: Creates a Target Process story to track the work and determine the availability of resources and agreed upon timeline within both of the teams to complete the onboarding process.
Onboarding Steps#
- SECM: The secrets management team will schedule a meeting (30 minutes) to go over the following:
- Brief overview of Vault
- Discuss service team scope and use cases
- Demo Vault and show sample repo
- Discuss need for sub-namespaces
- Service Team/SECM: Add team to the #hcp-vault slack channel for support and community discussion within the University
- Service Team: Submit the CESI Namespace Google Form to get a namespace created for service team.
- Please specify who will have update access within Grouper to control which users can be added/removed from their created group for namespace access.
- Service Team: Submit the CESI Sub-namespace Google Form to create any sub-namespaces that may be required Sub-namespaces are for CESI groups that have subteams within them that require further isolation of secrets.
- SECM: Schedule 1-2+ (1 hour) meetings to guide the service team through 1-2 use cases. During these sessions the SECM will go over:
- Accessing Vault
- Grouper Structure for Namespace Management
- Vault Policies
- 1 or 2 use cases as needed by the service team
- Other best practices
- Service Team: Reach out to schedule any follow up sessions as needed for: Training or knowledge sharing sessions Namespace setup