Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Boris Quiroz
December 20, 2017
Technology
65
0
Share
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
58
Software Freedom Day 2015
boris
0
48
Code Driven Infrastructure
boris
0
74
hola mundo
boris
0
68
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
59
Hands-on Lab
boris
0
83
Tech, Method & Philosophy for the cloud
boris
0
60
Other Decks in Technology
See All in Technology
「使われるデータ基盤」を目指してデータアナリストとワークショップをやった話
jackojacko_
2
930
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.7k
Claude code Orchestra
ozakiomumkj
2
690
Platform Engineering as a Product: Criteria for Improvement and Multi-Tenant Design
kumorn5s
0
390
long-running-tasks
cipepser
2
440
Gradle×GitHub_ActionsでCI時間を約50%短縮 ジョブ分割の設計と落とし穴 / Cutting CI Time by ~50% with Gradle and GitHub Actions: Job-Splitting Design and Pitfalls
takatty
0
530
イベントで大活躍する電子ペーパー名札 〜その3〜 / ビジュアルプログラミングIoTLT vol.23
you
PRO
0
170
Claude Codeを組織で使いこなす— サーバサイドAIエージェント運用の実践知
techtekt
PRO
0
130
APIテストとは?
nagix
0
160
Spring AI × MCP 入門〜AIエージェントへのツール公開、境界設計から始める最小構成 〜
yuyamiyamoto
0
180
Spring Boot における AOT Cache 活用テクニックと 起動時間改善事例
ntt_dsol_java
0
170
20260528_生成AIを専属DSに_Howの次にすべきことを考える
doradora09
PRO
0
260
Featured
See All Featured
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.9k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
3.2k
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
greggifford
PRO
0
180
Bootstrapping a Software Product
garrettdimon
PRO
307
120k
Stewardship and Sustainability of Urban and Community Forests
pwiseman
0
220
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
Visualization
eitanlees
152
17k
So, you think you're a good person
axbom
PRO
2
2k
WENDY [Excerpt]
tessaabrams
11
38k
It's Worth the Effort
3n
188
29k
Code Review Best Practice
trishagee
74
20k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3.4k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
jackojacko_
oracle4engineer
ozakiomumkj
kumorn5s
cipepser
takatty
you
techtekt
nagix
yuyamiyamoto
ntt_dsol_java
doradora09
honnibal
garrettdimon
greggifford
pwiseman
smashingmag
eitanlees
axbom
tessaabrams
3n
trishagee
tammyeverts
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
