Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing Spring Applications with Hashicorp Vault

Jan Dittberner
May 24, 2018
Technology
1
4.5k

Securing Spring Applications with Hashicorp Vault

The talk held at Spring I/O 18 on 24th of May 2018 showed how to use Hashicorp Vault to secure Spring applications. Token and Approle authentication as well as the PKI and database backends have been shown.

The companion code is available from https://github.com/jandd/spring-boot-vault-demo

Jan Dittberner

May 24, 2018
Tweet

More Decks by Jan Dittberner

See All by Jan Dittberner
Using Hashicorp Vault with Spring-Boot
jandd
0
180

Other Decks in Technology

See All in Technology
開発生産性向上サービスを作るFindyが自分たちで開発生産性を爆上げした組織づくりの歩み / Findy's path to boosting its own development productivity 2024-04-17
ma3tk
3
650
Azure Container Apps + Bicep 〜 こんな感じで運用しています
kaz29
2
460
継続的な改善 x ⾮連続的な進化
sansantech
PRO
3
150
SIEMを用いて、セキュリティログ分析の可視化と分析を実現し、PDCAサイクルを回してみた
coconala_engineer
0
280
MLOpsの「壁」を乗り越える、LINEヤフーの Data Quality as Code
lycorptech_jp
PRO
5
500
競技としてのKaggle、役に立つKaggle
yu4u
2
330
Postman v10リリース後を振り返る / Looking back at Postman v10 after release
yokawasa
1
160
レガシーをぶっ壊せ。AEONで始めるDevRelの話 / Qiita Night 2024-2-22
aeonpeople
3
1.3k
私が trocco を推す理由
__allllllllez__
1
220
VSCodeの拡張機能を作っている話
ebarakazuhiro
1
370
リテール金融(キャッシュレス・ネット銀行・ネット証券)の競争環境と経済圏
8maki
0
860
VS CodeでAWSを操作しよう
smt7174
7
1.6k

Featured

See All Featured
5 minutes of I Can Smell Your CMS
philhawksworth
199
19k
Atom: Resistance is Futile
akmur
259
25k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
352
28k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
20
1.9k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
19
1.7k
Designing Experiences People Love
moore
136
23k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
30
6k
Optimising Largest Contentful Paint
csswizardry
8
2.4k
YesSQL, Process and Tooling at Scale
rocio
164
13k
Making the Leap to Tech Lead
cromwellryan
124
8.5k
Producing Creativity
orderedlist
PRO
337
39k
Design by the Numbers
sachag
274
18k

Transcript

  1. Securing Spring Applications with Hashicorp Vault Jan Dittberner @jandd

  2. Jan Dittberner Software architect Topics: Linux, PKI, Automation, … Jan

    Dittberner DevDay – Dresden, 24.04.2018 1

  3. Jan Dittberner Software architect Topics: Linux, PKI, Automation, … Debian

    Developer Infrastructure team lead CAcert.org Jan Dittberner DevDay – Dresden, 24.04.2018 1

  4. WHAT IS VAULT? HashiCorp Vault secures, stores, and tightly controls

    access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more. Jan Dittberner DevDay – Dresden, 24.04.2018 2

  5. DEMO

  6. DEMO VAULT AND SPRING-BOOT, TOKEN AND APPROLE AUTHENTICATION Jan Dittberner

    DevDay – Dresden, 24.04.2018 3

  7. DEMO DYNAMIC X.509 CERTIFICATES FROM VAULT PKI Jan Dittberner DevDay

    – Dresden, 24.04.2018 4

  8. DEMO DYNAMIC DATABASE CREDENTIALS FROM VAULT DATABASE ENGINE Jan Dittberner

    DevDay – Dresden, 24.04.2018 5

  9. THANKS! Q & A Jan Dittberner @jandd