Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secrets management with Vault

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Boris Quiroz Boris Quiroz
December 20, 2017
Technology
0
60

Secrets management with Vault

https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/

Avatar for Boris Quiroz

Boris Quiroz

December 20, 2017
Tweet

More Decks by Boris Quiroz

See All by Boris Quiroz
Docker Images Best Practices
Avatar for Boris Quiroz boris
0
57
Software Freedom Day 2015
Avatar for Boris Quiroz boris
0
46
Code Driven Infrastructure
Avatar for Boris Quiroz boris
0
72
hola mundo
Avatar for Boris Quiroz boris
0
66
DevOps Tools: Chef + Vagrant
Avatar for Boris Quiroz boris
0
230
Kitchen.CI
Avatar for Boris Quiroz boris
0
120
Introducción a HSTS
Avatar for Boris Quiroz boris
0
55
Hands-on Lab
Avatar for Boris Quiroz boris
0
82
Tech, Method & Philosophy for the cloud
Avatar for Boris Quiroz boris
0
59

Other Decks in Technology

See All in Technology
Ruby版 JSXのRuxが気になる
Avatar for SansanTech sansantech
PRO
0
170
SREのプラクティスを用いた3領域同時 マネジメントへの挑戦 〜SRE・情シス・セキュリティを統合した チーム運営術〜
Avatar for coconala_engineer coconala_engineer
2
770
Codex 5.3 と Opus 4.6 にコーポレートサイトを作らせてみた / Codex 5.3 vs Opus 4.6
Avatar for ama-ch ama_ch
0
200
フルカイテン株式会社 エンジニア向け採用資料
Avatar for FULL KAITEN fullkaiten
0
10k
生成AIを活用した音声文字起こしシステムの2つの構築パターンについて
Avatar for Kazuki Miura miu_crescent
PRO
3
220
Bedrock PolicyでAmazon Bedrock Guardrails利用を強制してみた
Avatar for Yudai Jinno yuu551
0
260
20260204_Midosuji_Tech
Avatar for Takuya Yonezawa takuyay0ne
1
160
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
Avatar for Miki Matsumoto mikimatsumoto
0
270
~Everything as Codeを諦めない~ 後からCDK
Avatar for mu7889yoon / Yuta Nakamura mu7889yoon
3
490
CDKで始めるTypeScript開発のススメ
Avatar for つくぼし tsukuboshi
1
550
マネージャー視点で考えるプロダクトエンジニアの評価 / Evaluating Product Engineers from a Manager's Perspective
Avatar for hiro-torii hiro_torii
0
180
私たち準委任PdEは2つのプロダクトに挑戦する ~ソフトウェア、開発支援という”二重”のプロダクトエンジニアリングの実践~ / 20260212 Naoki Takahashi
Avatar for SHIFT EVOLVE shift_evolve
PRO
2
200

Featured

See All Featured
Digital Ethics as a Driver of Design Innovation
Avatar for Per Axbom axbom
PRO
1
190
Everyday Curiosity
Avatar for Cassini Nazir cassininazir
0
130
Building Applications with DynamoDB
Avatar for Matt Wood mza
96
6.9k
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
356
21k
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
Avatar for Christian Goodrich cargoodrich
3
110
How STYLIGHT went responsive
Avatar for nonsquared nonsquared
100
6k
AI in Enterprises - Java and Open Source to the Rescue
Avatar for ivargrimstad ivargrimstad
0
1.1k
Tips & Tricks on How to Get Your First Job In Tech
Avatar for Honza Javorek honzajavorek
0
440
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
59
6.3k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
Color Theory Basics | Prateek | Gurzu
Avatar for Gurzu gurzu
0
200
Chasing Engaging Ingredients in Design
Avatar for Sebastian Deterding codingconduct
0
110

Transcript

  1. Vault Boris Quiroz Q. - [email protected] - github.com/boris

  2. ¿Qué es Vault?

  3. Una herramienta para acceder a secretos de forma segura.

  4. • Almacenamiento seguro • Secretos dinámicos • Encriptación de data

    • Leasing and Renewal • Revocación

  5. Conceptos

  6. • Seal/Unseal • Tokens • Policy • Secret Backend

  7. Políticas

  8. Proporcionan una manera declarativa de delegar acceso a ciertas rutas

    y operaciones en Vault.

  9. path “secret/*” { capabilities = [ “write”, “list” ] }

  10. path “secret/very-secret/*” { capabilities = [ “deny” ] }

  11. path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,

    “update” ] }

  12. AWS

  13. { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",

    "Resource": "*" } ] }

  14. Demo https://git.io/scl-vault-meetup