Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
0
55
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
Tweet
Share
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
52
Software Freedom Day 2015
boris
0
42
Code Driven Infrastructure
boris
0
65
hola mundo
boris
0
60
DevOps Tools: Chef + Vagrant
boris
0
220
Kitchen.CI
boris
0
110
Introducción a HSTS
boris
0
52
Hands-on Lab
boris
0
76
Tech, Method & Philosophy for the cloud
boris
0
50
Other Decks in Technology
See All in Technology
コード品質向上で得られる効果と実践的取り組み
ham0215
0
190
職種に名前が付く、ということ/The fact that a job title has a name
bitkey
1
200
空が堕ち、大地が割れ、海が涸れた日~もしも愛用しているフレームワークが開発停止したら?~ #phperkaigi 2025
77web
2
960
RubyKaigi で得た課題解決法・美意識・モチベーション
morihirok
0
320
Reactを段階的に覗いてみる
ytaisei
2
840
Keynote - KCD Brazil - Platform Engineering on K8s (portuguese)
salaboy
0
110
技術好きなエンジニアが _リーダーへの進化_ によって得たものと失ったもの / The Gains and Losses of a Tech-Enthusiast Engineer’s “Evolution into Leadership”
kaminashi
0
180
EM初心者として半年間マネジャーをやってみて分かったこと
sansantech
PRO
0
190
開発組織全体で意識するSLI/SLOを実装している話
zepprix
1
720
一人QA時代が終わり、 QAチームが立ち上がった話
ma_cho29
0
220
スケールアップ企業のQA組織のバリューを最大限に引き出すための取り組み
tarappo
4
740
Engineering Managementのグローバルトレンド #emoasis / Engineering Management Global Trend
kyonmm
PRO
6
920
Featured
See All Featured
How STYLIGHT went responsive
nonsquared
99
5.4k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
2.1k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
21k
Building an army of robots
kneath
304
45k
The World Runs on Bad Software
bkeepers
PRO
67
11k
Imperfection Machines: The Place of Print at Facebook
scottboms
267
13k
Scaling GitHub
holman
459
140k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
What's in a price? How to price your products and services
michaelherold
244
12k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Faster Mobile Websites
deanohume
306
31k
RailsConf 2023
tenderlove
29
1k
Transcript
Vault Boris Quiroz Q. - bq@zsh.io - github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
ham0215
bitkey
77web
morihirok
ytaisei
salaboy
kaminashi
sansantech
zepprix
ma_cho29
tarappo
kyonmm
nonsquared
eileencodes
caitiem20
kneath
bkeepers
scottboms
holman
sstephenson
michaelherold
garrettdimon
deanohume
tenderlove
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
