Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Securing IaC Workflows

Securing IaC Workflows

In this demo, I show how to secure Infrastructure as Code (IaC) workflows using HashiCorp Cloud offerings HCP Vault and HCP Packer, with a bit of Terraform Cloud best-practices sprinkled in for operational happiness.

---

Companion Code: https://github.com/ksatirli/securing-iac-workflows

Kerim Satirli
PRO

June 01, 2022
Tweet

More Decks by Kerim Satirli

Other Decks in Programming

Transcript

  1. Secure Workflows with
    HCP Vault and Packer
    Kerim Satirli
    Sr. Developer Advocate
    HashiCorp

    View Slide

  2. Sr. Developer Advocate at HashiCorp
    he / him
    @ksatirli
    Kerim
    Satirli

    View Slide

  3. Cloud Infrastructure Automation
    Consistent workflows to provision, secure,
    connect, and run any infrastructure for
    any application.

    View Slide

  4. Workspaces
    vault-deployment
    Workspace to deploy and
    manage lifecycle of an
    HCP Vault Clusters
    vault-config
    Workspace to configure
    an (HCP) Vault Cluster
    for use with AWS
    packer
    Packer Template for
    AWS EC2 Instances
    packer-registry
    Workspace to deploy
    EC2 Instances using
    HCP Packer Registry
    workspaces
    Terraform Cloud Workspace
    to manage the lifecycle of
    Terraform Cloud Workspaces

    View Slide

  5. Workspace Isolation
    vault-deployment
    Workspace to deploy and
    manage lifecycle of an
    HCP Vault Clusters
    vault-config
    Workspace to configure
    an (HCP) Vault Cluster
    for use with AWS
    packer
    Packer Template for
    AWS EC2 Instances
    packer-registry
    Workspace to deploy
    EC2 Instances using
    HCP Packer Registry
    workspaces
    Terraform Cloud Workspace
    to manage the lifecycle of
    Terraform Cloud Workspaces

    View Slide

  6. Terraform Cloud
    https://app.terraform.io/app/a-demo-organization/

    View Slide

  7. HashiCorp Cloud Platform
    https://portal.cloud.hashicorp.com/

    View Slide

  8. Useful
    Links
    ▪ slides: speakerdeck.com/ksatirli/securing-iac-workflows
    ▪ code: github.com/ksatirli/securing-iac-workflows
    ▪ HCP sign-up: hashi.co/hcp-signup-june22

    View Slide

  9. View Slide