The command vault auth enable kubernetes enables the Kubernetes authentication method in Vault. The HashiCorp Vault documentation states: "In order to enable auth methods, the command should be vault auth followed by the name of the auth method." Specifically, for Kubernetes, it explains: "The vault auth enable kubernetes command mounts the Kubernetes auth method to the default path of kubernetes/." This allows Vault to authenticate Kubernetes workloads using their service account tokens at the path auth/kubernetes/.
The documentation elaborates: "Once enabled, the Kubernetes auth method allows clients running in Kubernetes to authenticate with Vault using a Kubernetes Service Account Token. The default mount path is kubernetes/, though additional parameters can specify a different path." Option A is incorrect—Vault doesn’t access usernames/passwords in Kubernetes; it uses tokens. Option C is wrong—it doesn’t import secrets, only enables authentication. Option D is false—Vault doesn’t become an Identity Provider (IdP); it authenticates against Kubernetes. Thus, B is correct.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit