Vault is a client-server tool that consists of a client component that's used by developers for applications and a server component that is responsible for protecting data in remote backends.
After installing Vault locally, we only have access to the client part, and to be able to use Vault, we'll start the server component.
To start the Vault server component in development mode, we'll execute this command in a second Terminal:
vault server -dev
This command starts and configures the Vault server with a minimal configuration that contains an authentication token and a default backend called in-memory, which store all secrets data in the memory of the server, as shown in the following screenshot:
Also, since we are in development mode and the backend storage is just in the memory, as soon as the Vault server stops, all of the secret data is deleted from the memory.
Then, as indicated during this execution, we'll export the VAULT_ADDR environment variable with this command in another Terminal:
export VAULT_ADDR='http://127.0.0.1:8200'
Finally, to check the execution status of the Vault server, we execute the following command:
vault status
Here is the command output, which displays the properties of the Vault server:
Now that Vault is installed and the server is started, we'll see how to write data to Vault to protect it, and read that data so it can be used from a third-party application.