Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Secrets management with Vault

Avatar for Boris Quiroz Boris Quiroz
December 20, 2017
Technology
0
60

Secrets management with Vault

https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/

Avatar for Boris Quiroz

Boris Quiroz

December 20, 2017
Tweet

More Decks by Boris Quiroz

See All by Boris Quiroz
Docker Images Best Practices
Avatar for Boris Quiroz boris
0
57
Software Freedom Day 2015
Avatar for Boris Quiroz boris
0
46
Code Driven Infrastructure
Avatar for Boris Quiroz boris
0
72
hola mundo
Avatar for Boris Quiroz boris
0
66
DevOps Tools: Chef + Vagrant
Avatar for Boris Quiroz boris
0
230
Kitchen.CI
Avatar for Boris Quiroz boris
0
120
Introducción a HSTS
Avatar for Boris Quiroz boris
0
55
Hands-on Lab
Avatar for Boris Quiroz boris
0
82
Tech, Method & Philosophy for the cloud
Avatar for Boris Quiroz boris
0
59

Other Decks in Technology

See All in Technology
20260311 技術SWG活動報告(デジタルアイデンティティ人材育成推進WG Ph2 活動報告会)
Avatar for OpenID Foundation Japan oidfj
0
330
内製AIチャットボットで学んだDatadog LLM Observability活用術
Avatar for k.masachika mkdev10
0
100
OCI Security サービス 概要
Avatar for oracle4engineer oracle4engineer
PRO
2
13k
SRE NEXT 2026 CfP レビュアーが語る聞きたくなるプロポーザルとは?
Avatar for Yuta Kawasaki yutakawasaki0911
1
300
VPCエンドポイント意外とお金かかるなぁ。せや、共有したろ!
Avatar for tommy tommy0124
0
490
事例に見るスマートファクトリーへの道筋〜工場データをAI Readyにする実践ステップ〜
Avatar for 濱田孝治 hamadakoji
1
320
Lambda Web AdapterでLambdaをWEBフレームワーク利用する
Avatar for arakawsh sahou909
0
120
わたしがセキュアにAWSを使えるわけないじゃん、ムリムリ!(※ムリじゃなかった!?)
Avatar for cm-usuda-keisuke cmusudakeisuke
1
720
Oracle Database@Google Cloud:サービス概要のご紹介
Avatar for oracle4engineer oracle4engineer
PRO
5
1.2k
The_Evolution_of_Bits_AI_SRE.pdf
Avatar for 株式会社ヌーラボ nulabinc
PRO
0
190
Shifting from MCP to Skills / ベストプラクティスの変遷を辿る
Avatar for Okuto Oyama yamanoku
4
840
JAWSDAYS2026_A-6_現場SEが語る 回せるセキュリティ運用~設計で可視化、AIで加速する「楽に回る」運用設計のコツ~
Avatar for s-hata shoki_hata
0
3k

Featured

See All Featured
The #1 spot is gone: here's how to win anyway
Avatar for Tamara Novitovic tamaranovitovic
2
990
SEO in 2025: How to Prepare for the Future of Search
Avatar for Michael King ipullrank
3
3.4k
Building Adaptive Systems
Avatar for Chris Keathley keathley
44
3k
Faster Mobile Websites
Avatar for Dean Hume deanohume
310
31k
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
Avatar for soudai sone soudai
PRO
62
51k
Accessibility Awareness
Avatar for Sarah Abderemane sabderemane
0
80
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
55
12k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
Avatar for Tammy Everts tammyeverts
2
250
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
Avatar for Takuto Wada twada
PRO
118
110k
The Cult of Friendly URLs
Avatar for Andy Hume andyhume
79
6.8k
Public Speaking Without Barfing On Your Shoes - THAT 2023
Avatar for David Neal reverentgeek
1
340
The Illustrated Guide to Node.js - THAT Conference 2024
Avatar for David Neal reverentgeek
1
300

Transcript

  1. Vault Boris Quiroz Q. - [email protected] - github.com/boris

  2. ¿Qué es Vault?

  3. Una herramienta para acceder a secretos de forma segura.

  4. • Almacenamiento seguro • Secretos dinámicos • Encriptación de data

    • Leasing and Renewal • Revocación

  5. Conceptos

  6. • Seal/Unseal • Tokens • Policy • Secret Backend

  7. Políticas

  8. Proporcionan una manera declarativa de delegar acceso a ciertas rutas

    y operaciones en Vault.

  9. path “secret/*” { capabilities = [ “write”, “list” ] }

  10. path “secret/very-secret/*” { capabilities = [ “deny” ] }

  11. path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,

    “update” ] }

  12. AWS

  13. { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",

    "Resource": "*" } ] }

  14. Demo https://git.io/scl-vault-meetup