# basics

[vault](https://www.vaultproject.io) is a secrets management engine by hashicorp.


#### some cli usage
after installing `vault`:

login to your instance:
`vault login -address https://vault.arul.io`

using concourse as an example:

enable kv store:
`vault secrets enable -version=2 -path=concourse kv`

`concourse-policy.hcl`:
```
path "concourse/*" {
  capabilities = ["read"]
}
```

save the policy:
`vault policy write concourse ./concourse-policy.hcl`

create a token with the above policy:
`vault token create --policy concourse --period 1h`