Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Boris Quiroz
December 20, 2017
Technology
60
0
Share
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
57
Software Freedom Day 2015
boris
0
46
Code Driven Infrastructure
boris
0
73
hola mundo
boris
0
67
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
56
Hands-on Lab
boris
0
82
Tech, Method & Philosophy for the cloud
boris
0
59
Other Decks in Technology
See All in Technology
OCI技術資料 : ロード・バランサ 概要 - FLB・NLB共通
ocise
4
27k
CloudFrontのHost Header転送設定でパケットの中身はどう変わるのか?
nagisa53
1
230
Blue/Green Deployment を用いた PostgreSQL のメジャーバージョンアップ
kkato1
0
170
やさしいとこから始めるGitHubリポジトリのセキュリティ
tsubakimoto_s
3
2.1k
開発チームとQAエンジニアの新しい協業モデル -年末調整開発チームで実践する【QAリード施策】-
qa
0
600
【AWS】CloudTrail LakeとCloudWatch Logs Insightsの使い分け方針
tsurunosd
0
130
Even G2 クイックスタートガイド(日本語版)
vrshinobi1
0
170
Network Firewall Proxyで 自前プロキシを消し去ることができるのか
gusandayo
0
150
MCPで決済に楽にする
mu7889yoon
0
170
Zephyr(RTOS)でOpenPLCを実装してみた
iotengineer22
0
170
Navigation APIと見るSvelteKitのWeb標準志向
yamanoku
2
140
不確実性と戦いながら見積もりを作成するプロセス/mitsumori-process
hirodragon112
1
170
Featured
See All Featured
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
460
Navigating Weather and Climate Data
rabernat
0
150
Building the Perfect Custom Keyboard
takai
2
720
Side Projects
sachag
455
43k
Organizational Design Perspectives: An Ontology of Organizational Design Elements
kimpetersen
PRO
1
660
Ruling the World: When Life Gets Gamed
codingconduct
0
190
The Language of Interfaces
destraynor
162
26k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
254
22k
We Analyzed 250 Million AI Search Results: Here's What I Found
joshbly
1
1.1k
How to Talk to Developers About Accessibility
jct
2
170
Abbi's Birthday
coloredviolet
2
6.1k
The Art of Programming - Codeland 2020
erikaheidi
57
14k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
ocise
nagisa53
kkato1
tsubakimoto_s
qa
tsurunosd
vrshinobi1
gusandayo
mu7889yoon
iotengineer22
yamanoku
hirodragon112
marktimemedia
rabernat
takai
sachag
kimpetersen
codingconduct
destraynor
smashingmag
joshbly
jct
coloredviolet
erikaheidi
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
