Call for round the year submissions for Rootconf in 2020

Submit a proposal at any time in the year on DevOps, infrastructure security, cloud, and distributed systems. We will find you a suitable opportunity to share your work.

Propose a session

Previous proposal

FreeIPA: The swiss army knife of open-source identity management

Next proposal

The Pains and Gains of Containerization

Stop Reinventing the wheel, Use Hashicorp vault!

Submitted by Roshan R (@roshan10) on Monday, 6 May 2019

Technical level: Intermediate Section: Crisp talk Session type: Lecture

Abstract

HashiCorp Vault is well known for secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing.
It also handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM,
SQL databases, raw key/value, and more. But what else is it good for?

This talk is about exploring lesser-known features of Vault besides Secret Storage, namely Encryption-as-a-service, Dynamic Secrets, Cubbyhole secret engine, PKI, etc

Outline

Overview of Vault Features & the Vault Architecture.
Introduction to Vault terminology.
Understanding various Vault Secret Engines
Exploring the Cubbyhole Secret engine.
Overview of Encryption-as-a-service feature.
Rotating Database credentials dynamically.
Vault for other production use cases.

Speaker bio

Roshan is a tech enthusiast and StackOverflow community contributor for the past few years. Currenlty he’s working as an Operations engineer at Endurance international group. He’s also an AWS certified professional and a multi-cloud expert. His area of interest also includes containerization, docker security, and infra automation.

Slides

https://docs.google.com/presentation/d/1eaPTM-LfrlI8txsOgFUaJerks1DwHcLIAvNPM5oTBwQ/edit?usp=sharing

Comments

  • saurabh hirani (@saurabh-hirani) 6 months ago

    Hi Roshan,

    Thanks for submitting this proposal.

    I had the following queries:

    1. As this talk is geared towards the lesser known features of Vault - will there be a beginner Vault user expectation from the audience? You have added this as a full talk - so there should be enough time to bring the audience up to speed to the level at which they can start understanding and appreciating the features you call out.
    2. Can you add an initial draft of slides + preview video emphasizing on the flow and audience takeaways? As Hashicorp Vault is a popular tool and basic queries can be resolved by googling for them - it would help if this talk covers areas that the beginner Vault users may not be aware of.
    [Link]
  • Zainab Bawa (@zainabbawa) Reviewer 6 months ago (edited 6 months ago)

    Participants at Rootconf are familiar with Vault and Secrets. With this context, what is the value addition of this talk?
    What is it about the lesser known features of Vault that is important for a DevOps audience?

    The slides currently don’t explain:

    1. Details of the lesser known features of Vault.
    2. Why are the lesser known features important? What problems do they solve?
    3. What is the one insight/takeaway for participants whuch will be useful for participants to take back and apply in practice?
    4. Since the talk is primarily focussed on describing the lesser known features of Vault, the big picture is lost. What is the big picture in which this talk is grounded?
    [Link]

Login with Twitter or Google to leave a comment