Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
0
51
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
Tweet
Share
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
51
Software Freedom Day 2015
boris
0
39
Code Driven Infrastructure
boris
0
61
hola mundo
boris
0
58
DevOps Tools: Chef + Vagrant
boris
0
220
Kitchen.CI
boris
0
110
Introducción a HSTS
boris
0
51
Hands-on Lab
boris
0
74
Tech, Method & Philosophy for the cloud
boris
0
49
Other Decks in Technology
See All in Technology
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
29
13k
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
1.4k
Chasing the White Whale of Open Source - ROI
mrbobbytables
0
110
Storybook との上手な向き合い方を考える
re_taro
5
1.4k
20241120_JAWS_東京_ランチタイムLT#17_AWS認定全冠の先へ
tsumita
2
310
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
230
Terraform Stacks入門 #HashiTalks
msato
0
360
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
300k
プロダクト活用度で見えた真実 ホリゾンタルSaaSでの顧客解像度の高め方
tadaken3
0
220
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
540
Platform Engineering for Software Developers and Architects
syntasso
1
530
New Relicを活用したSREの最初のステップ / NRUG OKINAWA VOL.3
isaoshimizu
3
650
Featured
See All Featured
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
246
1.3M
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Adopting Sorbet at Scale
ufuk
73
9.1k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
27
4.3k
Documentation Writing (for coders)
carmenintech
65
4.4k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
93
16k
GraphQLとの向き合い方2022年版
quramy
43
13k
Rails Girls Zürich Keynote
gr2m
94
13k
For a Future-Friendly Web
brad_frost
175
9.4k
RailsConf 2023
tenderlove
29
900
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
oracle4engineer
niwatakeru
mrbobbytables
re_taro
tsumita
abemii
msato
lmi
tadaken3
iotengineer22
syntasso
isaoshimizu
chriscoyier
sugarenia
jcasabona
kastner
ufuk
kevinliebholz
carmenintech
panda_program
quramy
gr2m
brad_frost
tenderlove
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
