Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing Spring Applications with Hashicorp Vault

Jan Dittberner
May 24, 2018
Technology
1
4.6k

Securing Spring Applications with Hashicorp Vault

The talk held at Spring I/O 18 on 24th of May 2018 showed how to use Hashicorp Vault to secure Spring applications. Token and Approle authentication as well as the PKI and database backends have been shown.

The companion code is available from https://github.com/jandd/spring-boot-vault-demo

Jan Dittberner

May 24, 2018
Tweet

More Decks by Jan Dittberner

See All by Jan Dittberner
Using Hashicorp Vault with Spring-Boot
jandd
0
200

Other Decks in Technology

See All in Technology
DMARC 対応の話 - MIXI CTO オフィスアワー #04
bbqallstars
1
160
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
300k
Application Development WG Intro at AppDeveloperCon
salaboy
0
190
Terraform CI/CD パイプラインにおける AWS CodeCommit の代替手段
hiyanger
1
240
オープンソースAIとは何か? --「オープンソースAIの定義 v1.0」詳細解説
shujisado
8
840
VideoMamba: State Space Model for Efficient Video Understanding
chou500
0
190
誰も全体を知らない ~ ロールの垣根を超えて引き上げる開発生産性 / Boosting Development Productivity Across Roles
kakehashi
1
230
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
990
ノーコードデータ分析ツールで体験する時系列データ分析超入門
negi111111
0
410
Lambda10周年!Lambdaは何をもたらしたか
smt7174
2
110
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
470
[FOSS4G 2024 Japan LT] LLMを使ってGISデータ解析を自動化したい!
nssv
1
210

Featured

See All Featured
Scaling GitHub
holman
458
140k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
Become a Pro
speakerdeck
PRO
25
5k
Optimising Largest Contentful Paint
csswizardry
33
2.9k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
42
9.2k
BBQ
matthewcrist
85
9.3k
Unsuck your backbone
ammeep
668
57k
Ruby is Unlike a Banana
tanoku
97
11k
Making the Leap to Tech Lead
cromwellryan
133
8.9k
How to train your dragon (web standard)
notwaldorf
88
5.7k
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
Code Reviewing Like a Champion
maltzj
520
39k

Transcript

  1. Securing Spring Applications with Hashicorp Vault Jan Dittberner @jandd

  2. Jan Dittberner Software architect Topics: Linux, PKI, Automation, … Jan

    Dittberner DevDay – Dresden, 24.04.2018 1

  3. Jan Dittberner Software architect Topics: Linux, PKI, Automation, … Debian

    Developer Infrastructure team lead CAcert.org Jan Dittberner DevDay – Dresden, 24.04.2018 1

  4. WHAT IS VAULT? HashiCorp Vault secures, stores, and tightly controls

    access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more. Jan Dittberner DevDay – Dresden, 24.04.2018 2

  5. DEMO

  6. DEMO VAULT AND SPRING-BOOT, TOKEN AND APPROLE AUTHENTICATION Jan Dittberner

    DevDay – Dresden, 24.04.2018 3

  7. DEMO DYNAMIC X.509 CERTIFICATES FROM VAULT PKI Jan Dittberner DevDay

    – Dresden, 24.04.2018 4

  8. DEMO DYNAMIC DATABASE CREDENTIALS FROM VAULT DATABASE ENGINE Jan Dittberner

    DevDay – Dresden, 24.04.2018 5

  9. THANKS! Q & A Jan Dittberner @jandd