Stop Reinventing the wheel, Use Hashicorp vault!
Technical level: Intermediate Section: Crisp talk Session type: Lecture
HashiCorp Vault is well known for secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing.
It also handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM,
SQL databases, raw key/value, and more. But what else is it good for?
This talk is about exploring lesser-known features of Vault besides Secret Storage, namely Encryption-as-a-service, Dynamic Secrets, Cubbyhole secret engine, PKI, etc
Overview of Vault Features & the Vault Architecture.
Introduction to Vault terminology.
Understanding various Vault Secret Engines
Exploring the Cubbyhole Secret engine.
Overview of Encryption-as-a-service feature.
Rotating Database credentials dynamically.
Vault for other production use cases.
Roshan is a tech enthusiast and StackOverflow community contributor for the past few years. Currenlty he’s working as an Operations engineer at Endurance international group. He’s also an AWS certified professional and a multi-cloud expert. His area of interest also includes containerization, docker security, and infra automation.
FreeIPA: The swiss army knife of open-source identity management
FreeIPA is used in the management of Linux user identities, groups, and passwords centrally with the help of a CLI as well as an easy to use GUI. FreeIPA provides centralized authentication, authorization, and account information for Linux and Unix network environments. It is built on top of well known open-source components like LDAP, KDC, PKI, etc. FreeIPA can seamlessly integrate with an exist… more