Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Boris Quiroz
December 20, 2017
Technology
61
0
Share
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
58
Software Freedom Day 2015
boris
0
47
Code Driven Infrastructure
boris
0
74
hola mundo
boris
0
67
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
57
Hands-on Lab
boris
0
83
Tech, Method & Philosophy for the cloud
boris
0
59
Other Decks in Technology
See All in Technology
ワールドカフェI /チューターを改良する / World Café I and Improving the Tutors
ks91
PRO
0
290
こんなアーキテクチャ図はいやだ / Anti-pattern in AWS Architecture Diagrams
naospon
1
430
QGISプラグイン CMChangeDetector
naokimuroki
1
360
AIペネトレーションテスト・ セキュリティ検証「AgenticSec」ご紹介資料
laysakura
0
4k
AzureのIaC管理からログ調査まで、随所に役立つSkillsとCustom-Instructions / Boosting IaC and Log Analysis with Skills
aeonpeople
0
200
Revisiting [CLS] and Patch Token Interaction in Vision Transformers
yu4u
0
340
Azure PortalなどにみるWebアクセシビリティ
tomokusaba
0
390
社内エンジニア勉強会の醍醐味と苦しみ/tamadev
nishiuma
0
150
システムは「動く」だけでは足りない 実装編 - 非機能要件・分散システム・トレードオフをコードで見る
nwiizo
4
420
Bill One 開発エンジニア 紹介資料
sansan33
PRO
6
18k
サイボウズ 開発本部採用ピッチ / Cybozu Engineer Recruit
cybozuinsideout
PRO
10
78k
Data Hubグループ 紹介資料
sansan33
PRO
0
2.9k
Featured
See All Featured
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
520
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.2k
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
480
[SF Ruby Conf 2025] Rails X
palkan
2
960
Building a A Zero-Code AI SEO Workflow
portentint
PRO
0
450
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
500
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
220
A Tale of Four Properties
chriscoyier
163
24k
The Pragmatic Product Professional
lauravandoore
37
7.2k
Building Adaptive Systems
keathley
44
3k
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
minecr
1
230
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.2k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
SiteGround - Reliable hosting with speed, security, and support you can count on.
boris
ks91
naospon
naokimuroki
laysakura
aeonpeople
yu4u
tomokusaba
nishiuma
nwiizo
sansan33
cybozuinsideout
inesmontani
danielanewman
marktimemedia
palkan
portentint
katarinadahlin
techseoconnect
chriscoyier
lauravandoore
keathley
minecr
ivargrimstad
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
