Slide 1
Vault
Boris Quiroz Q.
- [email protected]
- github.com/boris
Slide 2
What is Vault?
Slide 3
A tool for securely accessing secrets.
Slide 4
● Secure storage
● Dynamic secrets
● Data encryption
● Leasing and Renewal
● Revocation
Slide 5
Concepts
Slide 6
● Seal/Unseal
● Tokens
● Policy
● Secret Backend
Slide 7
Policies
Slide 8
They provide a declarative way to delegate access to certain paths and operations in Vault.
Slide 9
path "secret/*" {
  # create and update together grant write access
  capabilities = ["create", "update", "list"]
}
Slide 10
path "secret/very-secret/*" {
  # deny blocks every operation under this prefix
  capabilities = ["deny"]
}
Slide 11
path "secret/not-secret/*" {
  # full access under this prefix
  capabilities = ["create", "delete", "list", "read", "update"]
}
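How the three path rules on slides 9 to 11 interact when they apply to the same token, as an added example that is not part of the original deck and not Vault's own code. It is a simplified model that assumes only exact paths and trailing-`*` globs; `RULES`, `match_rule`, `is_allowed` and `audit` are hypothetical names, and the sample requests are constructed.

```python
# Simplified model of Vault ACL evaluation (added example, not Vault's code).
# Supports exact paths and trailing-"*" prefix globs only.

# Rules modeled on slides 9-11, assumed merged onto a single token.
RULES = {
    "secret/*": {"create", "update", "list"},
    "secret/very-secret/*": {"deny"},
    "secret/not-secret/*": {"create", "delete", "list", "read", "update"},
}


def match_rule(path, rules=RULES):
    """Return the most specific rule pattern covering path, or None."""
    if path in rules:                      # an exact match beats any glob
        return path
    globs = [p for p in rules if p.endswith("*") and path.startswith(p[:-1])]
    return max(globs, key=len, default=None)   # longest prefix wins


def is_allowed(path, capability, rules=RULES):
    """Decide whether capability is granted on path."""
    pattern = match_rule(path, rules)
    if pattern is None:
        return False                       # no rule: implicit deny
    caps = rules[pattern]
    if "deny" in caps:
        return False                       # deny overrides everything else
    return capability in caps


def audit(requests, rules=RULES):
    """Evaluate (path, capability) pairs; return rows for review."""
    return [(p, c, match_rule(p, rules), is_allowed(p, c, rules))
            for p, c in requests]


if __name__ == "__main__":
    # Constructed sample requests
    sample = [
        ("secret/app/db", "update"),
        ("secret/app/db", "read"),
        ("secret/very-secret/key", "list"),
        ("secret/not-secret/motd", "read"),
        ("sys/mounts", "read"),
    ]
    for path, cap, pattern, ok in audit(sample):
        print(f"{cap:7} {path:26} rule={pattern!s:24} {'ALLOW' if ok else 'DENY'}")
```

The broad `secret/*` rule grants no `read`, so it is write-only, and the more specific `secret/very-secret/*` rule removes even `list` for that subtree.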
Slide 12
AWS
Slide 13
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "iam:*",
      "Resource": "*"
    }
  ]
}
Slide 14
Demo
https://git.io/scl-vault-meetup