Dynamic Azure Credentials for Applications and CI/CD Pipelines
Aug 06, 2020
Learn how Vault's Azure secrets engine can automatically re-generate Azure credentials with a predetermined time-to-live.
- Kawsar KamalStaff Solutions Engineer, HashiCorp
Static secrets management is a great first step toward building a zero-trust security environment for your applications in the cloud. With the obsolesence of the "castle & moat" approach to cloud security, secrets management and identity-based security approaches become the backbone of modern cloud security systems. However, un-automated password rotation and secret rotation is not viable at any significant scale.
For that environment, you need dynamic secrets, which can automatically generate cloud credentials on a regular basis with a gradually shorter time-to-live (TTL). This prevents attackers from having a long-term impact even if a credential is obtained.
What You'll Learn
HashiCorp Vault is an open source product that provides short-lived and least privileged Cloud credentials. In this webinar, HashiCorp solutions engineer Kawsar Kamal will use Microsoft Azure as the example cloud and show how Vault's Azure secrets engine can provide dynamic Azure credentials (secrets engines for all other major cloud providers are available as well). Learn how to configure the Azure secrets engine in Vault and use it in a dynamic secrets management workflow.