Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
0
50
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
Tweet
Share
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
49
Software Freedom Day 2015
boris
0
39
Code Driven Infrastructure
boris
0
58
hola mundo
boris
0
53
DevOps Tools: Chef + Vagrant
boris
0
220
Kitchen.CI
boris
0
110
Introducción a HSTS
boris
0
50
Hands-on Lab
boris
0
68
Tech, Method & Philosophy for the cloud
boris
0
47
Other Decks in Technology
See All in Technology
Babylon.jsと色々なものを組み合わせる:ブラウザのAPIやガジェットや2D描画ライブラリなど / Babylon.js 勉強会 vol.3
you
PRO
0
150
本当のAWS基礎
toru_kubota
1
600
FrontDoorとWebAppsを組み合わせた際のリダイレクト処理の注意点
kenichirokimura
1
700
自己改善からチームを動かす! 「セルフエンジニアリングマネージャー」のすゝめ
shoota
6
1k
MixIT 2024 - Pulumi : Gérer son infra avec son langage de programmation préféré
ju_hnny5
1
120
今日からできる!簡単 .NET 高速化 Tips -2024 edition-
xin9le
7
3.4k
Google Cloud Next '24でブログを10本書いた方法と勉強会を沸かせた方法
yasumuusan
0
320
競技としてのKaggle、役に立つKaggle
yu4u
6
2.3k
Android Target SDK 35 (Android 15) 対応の概要
akkie76
0
140
ルーターでプレゼンする
puhitaku
1
3.2k
一生覚えておきたい「システム開発=コミュニケーション」〜初めての実務案件振り返りLT〜
maimyyym
2
250
Rustで「プリズモイダル法」を利用して「土量計算」をガチでやる
nokonoko1203
1
250
Featured
See All Featured
Testing 201, or: Great Expectations
jmmastey
29
6.4k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
123
39k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
242
1.2M
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
13
8.3k
Producing Creativity
orderedlist
PRO
338
39k
In The Pink: A Labor of Love
frogandcode
138
21k
The Pragmatic Product Professional
lauravandoore
26
5.8k
The MySQL Ecosystem @ GitHub 2015
samlambert
244
12k
Writing Fast Ruby
sferik
622
60k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
5
3.4k
Debugging Ruby Performance
tmm1
70
11k
What's new in Ruby 2.0
geeforr
337
31k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
you
toru_kubota
kenichirokimura
shoota
ju_hnny5
xin9le
yasumuusan
yu4u
akkie76
puhitaku
maimyyym
nokonoko1203
jmmastey
soudai
sugarenia
eileencodes
orderedlist
frogandcode
lauravandoore
samlambert
sferik
kevinliebholz
tmm1
geeforr
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
