Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Secrets management with Vault
Search
Boris Quiroz
December 20, 2017
Technology
0
60
Secrets management with Vault
https://www.meetup.com/Santiago-HashiCorp-User-Group/events/245738064/
Boris Quiroz
December 20, 2017
Tweet
Share
More Decks by Boris Quiroz
See All by Boris Quiroz
Docker Images Best Practices
boris
0
57
Software Freedom Day 2015
boris
0
46
Code Driven Infrastructure
boris
0
72
hola mundo
boris
0
66
DevOps Tools: Chef + Vagrant
boris
0
230
Kitchen.CI
boris
0
120
Introducción a HSTS
boris
0
55
Hands-on Lab
boris
0
82
Tech, Method & Philosophy for the cloud
boris
0
59
Other Decks in Technology
See All in Technology
M&A 後の統合をどう進めるか ─ ナレッジワーク × Poetics が実践した組織とシステムの融合
kworkdev
PRO
1
430
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
240
Agile Leadership Summit Keynote 2026
m_seki
1
590
ZOZOにおけるAI活用の現在 ~開発組織全体での取り組みと試行錯誤~
zozotech
PRO
5
5.3k
CDKで始めるTypeScript開発のススメ
tsukuboshi
1
390
生成AIを活用した音声文字起こしシステムの2つの構築パターンについて
miu_crescent
PRO
2
190
usermode linux without MMU - fosdem2026 kernel devroom
thehajime
0
230
OCI Database Management サービス詳細
oracle4engineer
PRO
1
7.4k
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
220
15 years with Rails and DDD (AI Edition)
andrzejkrzywda
0
190
Webhook best practices for rock solid and resilient deployments
glaforge
1
280
What happened to RubyGems and what can we learn?
mikemcquaid
0
280
Featured
See All Featured
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.1k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.5k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
110
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
170
Speed Design
sergeychernyshev
33
1.5k
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
3
3k
The Mindset for Success: Future Career Progression
greggifford
PRO
0
240
The Language of Interfaces
destraynor
162
26k
The SEO identity crisis: Don't let AI make you average
varn
0
240
Building a Scalable Design System with Sketch
lauravandoore
463
34k
Claude Code どこまでも/ Claude Code Everywhere
nwiizo
61
52k
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Transcript
Vault Boris Quiroz Q. -
[email protected]
- github.com/boris
¿Qué es Vault?
Una herramienta para acceder a secretos de forma segura.
• Almacenamiento seguro • Secretos dinámicos • Encriptación de data
• Leasing and Renewal • Revocación
Conceptos
• Seal/Unseal • Tokens • Policy • Secret Backend
Políticas
Proporcionan una manera declarativa de delegar acceso a ciertas rutas
y operaciones en Vault.
path “secret/*” { capabilities = [ “write”, “list” ] }
path “secret/very-secret/*” { capabilities = [ “deny” ] }
path “secret/not-secret/*” { capabilities = [ “create”, “delete”, “list”, “read”,
“update” ] }
AWS
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "iam:*",
"Resource": "*" } ] }
Demo https://git.io/scl-vault-meetup
boris
kworkdev
slsops
m_seki
zozotech
tsukuboshi
miu_crescent
thehajime
oracle4engineer
mikimatsumoto
andrzejkrzywda
glaforge
mikemcquaid
charlesmeaden
aleyda
sabderemane
apolaine
sergeychernyshev
inesmontani
greggifford
destraynor
varn
lauravandoore
nwiizo
malarkey
![Vault Boris Quiroz Q. - [email protected] - github.com/boris](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_0.jpg){kind=link}
![path “secret/*” { capabilities = [ “write”, “list” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_8.jpg){kind=link}
![path “secret/very-secret/*” { capabilities = [ “deny” ] }](https://files.speakerdeck.com/presentations/afe2515e1331422ba35f6a945cc8f615/slide_9.jpg){kind=link}
