Integrate Vault with Nomad to use tokens, password, certificates, API keys, and secrets stored in Vault. Configure Nomad to use Vault access control lists (ACLs) to secure your cluster. Learn how to configure Nomad agents and use Consul Template in your job specification.| Vault Integration | Nomad | HashiCorp Developer
Learn how to integrate Consul access control list (ACL) with Nomad workload identity. Learn how to migrate to using Nomad workload identity with Consul. Configure Consul so it can receive, validate, and trust workload identities from Nomad. Create binding and namespace rules. Review considerations for using the JSON Web Key Set (JWKS) URL.| Integrate Consul ACL | Nomad | HashiCorp Developer
Configure workload identity in the `identity` block of the Nomad job specification. Review how to configure workload identities for Consul and Vault.| identity block in the job specification | Nomad | HashiCorp Developer
Configure Consul options in the `consul` block of the Nomad job specification to register them in the Consul catalog. Specify that the group or task requires a Consul token. Configure the Consul cluster, namespace, and partition. Review template, group services, namespace, and admin partition examples.| consul block in the job specification | Nomad | HashiCorp Developer
Nomad key concepts include allocation, authoritative regions, bin packing, client, datacenters, deployment, driver, evaluation, job, node, node pool, regions, server, task, and task group.| Glossary | Nomad | HashiCorp Developer
Nomad's variables feature lets you store and use encrypted configuration data in your job specifications. Learn how Access Control List (ACL) policies restrict access to variables within a namespace, how a job task's workload identity grants access to variables, and how locking a variable blocks access to that variable.| Nomad Variables | Nomad | HashiCorp Developer
Nomad implements job scheduling using jobs, nodes, allocations, and evaluations. Learn about job lifecycle and how the job scheduler generates the allocation plan that the server implements using a service, batch, system, sysbatch, or core scheduler.| How Nomad job scheduling works | Nomad | HashiCorp Developer
Jobs can access Nomad's HTTP API via the Task API.| Task HTTP API | Nomad | HashiCorp Developer
The /service endpoints are used to query and interact with Nomad services.| Services - HTTP API | Nomad | HashiCorp Developer
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.| IETF Datatracker
Nomad's workload identity feature isolates and uniquely identities each workload so you can associate Access Control List (ACL) policies to jobs. Learn about workload identity claims, claims attributes specific to Nomad Enterprise, default workload ACL policy, and workload identity for Consul and Vault.| Workload Identity | Nomad | HashiCorp Developer
Configure Nomad server and client integration with HashiCorp Vault in the `vault` block of a Nomad agent configuration. Configure cluster name and the role for creating tokens. For Nomad clients, configure Vault's address, namespace, and certificate or TLS authentication. Specify the JWT authentication path. For Nomad servers, configure the server's default workload identity, which includes workload identity recipients, workload TTL, and key-value pairs for additional identity claims.| vault Block in Agent Configuration | Nomad | HashiCorp Developer
The "vault" block allows the task to specify that it requires a token from a HashiCorp Vault server. Nomad will automatically retrieve a Vault token for the task and handle token renewal for the task.| vault Block - Job Specification | Nomad | HashiCorp Developer