Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
0
58
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
Tweet
Share
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
56
Software Freedom Day 2015
boris
0
45
Code Driven Infrastructure
boris
0
68
hola mundo
boris
0
64
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
54
Hands-on Lab
boris
0
79
Tech, Method & Philosophy for the cloud
boris
0
54
Other Decks in Technology
See All in Technology
AI時代のインシデント対応 〜時代を切り抜ける、組織アーキテクチャ〜
jacopen
4
120
生成AIシステムとAIエージェントに関する性能や安全性の評価
shibuiwilliam
0
120
新しい風。SolidFlutterで実現するシンプルな状態管理
zozotech
PRO
0
130
スタートアップの事業成長を支えるアーキテクチャとエンジニアリング
doragt
1
7.1k
Android Studio Otter の最新 Gemini 機能 / Latest Gemini features in Android Studio Otter
yanzm
0
300
AI エージェントを評価するための温故知新と Spec Driven Evaluation
icoxfog417
PRO
2
680
変わるもの、変わらないもの :OSSアーキテクチャで実現する持続可能なシステム
gree_tech
PRO
0
230
技術広報のOKRで生み出す 開発組織への価値 〜 カンファレンス協賛を通して育む学びの文化 〜 / Creating Value for Development Organisations Through Technical Communications OKRs — Nurturing a Culture of Learning Through Conference Sponsorship —
pauli
5
520
AI駆動開発2025年振り返りとTips集
knr109
1
100
[CV勉強会@関東 ICCV2025 読み会] World4Drive: End-to-End Autonomous Driving via Intention-aware Physical Latent World Model (Zheng+, ICCV 2025)
abemii
0
250
re:Inventにおける製造業のこれまでとこれから
hamadakoji
0
320
Kubernetesと共にふりかえる! エンタープライズシステムのインフラ設計・テストの進め方大全
daitak
0
440
Featured
See All Featured
KATA
mclloyd
PRO
32
15k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
36
6.1k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
24k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
21
1.3k
Code Review Best Practice
trishagee
72
19k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
11
940
Building Adaptive Systems
keathley
44
2.8k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Fireside Chat
paigeccino
41
3.7k
Building a Scalable Design System with Sketch
lauravandoore
463
34k
Typedesign – Prime Four
hannesfritz
42
2.9k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
jacopen
shibuiwilliam
zozotech
doragt
yanzm
icoxfog417
gree_tech
pauli
knr109
abemii
hamadakoji
daitak
mclloyd
samlambert
kevinliebholz
addyosmani
sergeychernyshev
trishagee
tammyeverts
keathley
malarkey
paigeccino
lauravandoore
hannesfritz
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
