Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
0
58
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
Tweet
Share
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
56
Software Freedom Day 2015
boris
0
45
Code Driven Infrastructure
boris
0
67
hola mundo
boris
0
63
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
53
Hands-on Lab
boris
0
78
Tech, Method & Philosophy for the cloud
boris
0
53
Other Decks in Technology
See All in Technology
タイミーのデータモデリング事例と今後のチャレンジ
ttccddtoki
6
2.4k
OPENLOGI Company Profile for engineer
hr01
1
34k
B2C&B2B&社内向けサービスを抱える開発組織におけるサービス価値を最大化するイニシアチブ管理
belongadmin
1
6.9k
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
27k
KiCadでPad on Viaの基板作ってみた
iotengineer22
0
300
無意味な開発生産性の議論から抜け出すための予兆検知とお金とAI
i35_267
4
13k
Claude Code に プロジェクト管理やらせたみた
unson
6
4k
Enhancing SaaS Product Reliability and Release Velocity through Optimized Testing Approach
ropqa
1
230
オーティファイ会社紹介資料 / Autify Company Deck
autifyhq
10
130k
開発生産性を測る前にやるべきこと - 組織改善の実践 / Before Measuring Dev Productivity
kaonavi
9
4.3k
Tokyo_reInforce_2025_recap_iam_access_analyzer
hiashisan
0
180
敢えて生成AIを使わないマネジメント業務
kzkmaeda
2
440
Featured
See All Featured
Producing Creativity
orderedlist
PRO
346
40k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Making the Leap to Tech Lead
cromwellryan
134
9.4k
How to Think Like a Performance Engineer
csswizardry
25
1.7k
A Modern Web Designer's Workflow
chriscoyier
695
190k
[RailsConf 2023] Rails as a piece of cake
palkan
55
5.7k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.4k
The Art of Programming - Codeland 2020
erikaheidi
54
13k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
6
300
The World Runs on Bad Software
bkeepers
PRO
69
11k
Testing 201, or: Great Expectations
jmmastey
43
7.6k
Adopting Sorbet at Scale
ufuk
77
9.5k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
ttccddtoki
hr01
belongadmin
safie_recruit
iotengineer22
i35_267
unson
ropqa
autifyhq
kaonavi
hiashisan
kzkmaeda
orderedlist
samlambert
cromwellryan
csswizardry
chriscoyier
palkan
jnunemaker
erikaheidi
tammyeverts
bkeepers
jmmastey
ufuk
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
