Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
61
0
Share
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
58
Software Freedom Day 2015
boris
0
47
Code Driven Infrastructure
boris
0
74
hola mundo
boris
0
67
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
57
Hands-on Lab
boris
0
83
Tech, Method & Philosophy for the cloud
boris
0
59
Other Decks in Technology
See All in Technology
マルチプロダクトの信頼性を効率良く保っていくために
kworkdev
PRO
0
140
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
3k
明日からドヤれる!超マニアックなAWSセキュリティTips10連発 / 10 Ultra-Niche AWS Security Tips
yuj1osm
0
550
JEDAI in Osaka 2026イントロ
taka_aki
0
290
システムは「動く」だけでは足りない 実装編 - 非機能要件・分散システム・トレードオフをコードで見る
nwiizo
4
420
Eight Engineering Unit 紹介資料
sansan33
PRO
3
7.2k
Azure Lifecycle with Copilot CLI
torumakabe
3
1k
AIエージェントの権限管理 2: データ基盤の Fine grained access control 編
ren8k
0
120
AWS認定資格は本当に意味があるのか?
nrinetcom
PRO
1
260
AI時代における技術的負債への取り組み
codenote
1
1.3k
Introduction to Bill One Development Engineer
sansan33
PRO
0
410
EBS暗号化に失敗してEC2が動かなくなった話
hamaguchimmm
2
180
Featured
See All Featured
The #1 spot is gone: here's how to win anyway
tamaranovitovic
2
1k
What does AI have to do with Human Rights?
axbom
PRO
1
2.1k
The World Runs on Bad Software
bkeepers
PRO
72
12k
30 Presentation Tips
portentint
PRO
1
270
Discover your Explorer Soul
emna__ayadi
2
1.1k
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
1
180
Building a A Zero-Code AI SEO Workflow
portentint
PRO
0
450
The Curse of the Amulet
leimatthew05
1
11k
Designing for Performance
lara
611
70k
Music & Morning Musume
bryan
47
7.2k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1.3k
Intergalactic Javascript Robots from Outer Space
tanoku
273
27k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
kworkdev
sansan33
yuj1osm
taka_aki
nwiizo
torumakabe
ren8k
nrinetcom
codenote
hamaguchimmm
tamaranovitovic
axbom
bkeepers
portentint
emna__ayadi
stephenakadiri
leimatthew05
lara
bryan
irinanazarova
tanoku
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
