Skip to main content

Cloud Engineering Track | Level 2, Ensemble Ballroom

Using dynamic secrets for third-party Kubernetes applications at scale

October 16, 2024 | 12:00 PM ET - 12:30 PM ET

Session detail

At Canva we implemented dynamic secrets management using HashiCorp Vault to improve our security posture and automate secret rotation. However, migrating 3rd party applications that we have no ownership or code control over presented a challenge. This session will dive into how Canva implemented dynamic secrets in Kubernetes, with Datadog as an example. We'll look at the Vault CSI Provider and Vault Agent Injector, and explain how the Vault Secrets Operator unlocked a zero code change migration.

  • Vault
  • Security Lifecycle Management
  • Anthony Ralston

    Software Engineer

    Canva

HashiCorp uses data collected by cookies and JavaScript libraries to improve your browsing experience, analyze site traffic, and increase the overall performance of our site. By using our website, you’re agreeing to our Privacy Policy and Cookie Policy.

The categories below outline which companies and tools we use for collecting data. To opt out of a category of data collection, set the toggle to “Off” and save your preferences.