diff --git a/.secrets-baseline b/.secrets-baseline
index ed7381f..98b4c98 100644
--- a/.secrets-baseline
+++ b/.secrets-baseline
@@ -199,8 +199,16 @@
 "is_verified": false,
 "line_number": 10,
 "is_secret": false
+ },
+ {
+ "type": "Secret Keyword",
+ "filename": "nomad/vault_hashi_vault_values.example.yml",
+ "hashed_secret": "0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33",
+ "is_verified": false,
+ "line_number": 22,
+ "is_secret": false
 }
 ]
 },
- "generated_at": "2022-07-25T23:35:15Z"
+ "generated_at": "2022-07-27T03:09:38Z"
 }
diff --git a/nomad/acls/vault_login.tf b/nomad/acls/vault_login.tf
new file mode 100644
index 0000000..149bf4e
--- /dev/null
+++ b/nomad/acls/vault_login.tf
@@ -0,0 +1,8 @@
+resource "vault_auth_backend" "userpass" {
+ type = "userpass"
+
+ tune {
+ max_lease_ttl = "1h"
+ listing_visibility = "unauth"
+ }
+}
diff --git a/nomad/acls/vault_policies.tf b/nomad/acls/vault_policies.tf
new file mode 100644
index 0000000..77ff7f4
--- /dev/null
+++ b/nomad/acls/vault_policies.tf
@@ -0,0 +1,9 @@
+resource "vault_policy" "admin" {
+ name = "admin"
+
+ policy = <
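Review bot: In `nomad/acls/vault_login.tf`, `listing_visibility = "unauth"` in the `tune` block exposes the userpass mount to callers who have not authenticated, and nothing in the file records that this is intended. If the goal is to have the UI login page offer this method, say so above the line, e.g. `# unauth: show this mount on the UI login page; its path and type become visible without a token`. Because userpass is password-based, it is also worth confirming outside this file that failed-login lockout or rate limiting covers the mount; `max_lease_ttl = "1h"` bounds token lifetime but does nothing against password guessing. A `description` argument on the resource would help anyone auditing the enabled auth methods.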