--- layout: guides page_title: Identity and Access Management - Guides description: >- Once a Vault instance has been installed, the next step is to configure auth backends, secret backends, and manage keys. Vault configuration guides addresses key concepts in configuring your Vault application. --- # Identity and Access Management This guide walks you through Identity and Access Management topics. - [Secure Introduction of Vault Clients](/guides/identity/secure-intro) explains the mechanism of the client authentication against a Vault server. - [Policies](/guides/identity/policies) are used to instrument Role-Based Access Control (RBAC) by specifying access privileges. Authoring of policies is probably the first step the Vault administrator performs. This guide walks you through creating example policies for `admin` and `provisioner` users. - [ACL Policy Path Templating](/guides/identity/policy-templating) guide demonstrates templated policy paths to allow non-static paths. - [AppRole Pull Authentication](/guides/identity/authentication) guide that introduces the steps to generate tokens for machines or apps by enabling AppRole auth method. - [AppRole with Terraform and Chef](/guides/identity/approle-trusted-entities) guide explains how AppRole auth method integrates with Terraform and Chef. This guide is for anyone who wishes to reproduce the demo introduced during the [Delivering Secret Zero: Vault AppRole with Terraform and Chef](https://www.hashicorp.com/resources/delivering-secret-zero-vault-approle-terraform-chef) webinar. - [Token and Leases](/guides/identity/lease) guide helps you understand how tokens and leases work in Vault. The understanding of the lease hierarchy and expiration mechanism helps you plan for break glass procedures and more. - [Identity - Entities & Groups](/guides/identity/identity) guide demonstrates the usage of _Entities_ and _Groups_ to manage Vault clients' identity. ## Vault Enterprise - [Sentinel Policies](/guides/identity/sentinel) guide walks through the creation and usage of _Role Governing Policies_ (RGPs) and _Endpoint Governing Policies_ (EGPs) in Vault. - [Control Groups](/guides/identity/control-groups) can be used to enforce additional authorization factors before the request can be completed. This guide walks through the implementation of a Control Group.