Demo

How to Use AKS Pod Identity with Vault

Feb 27, 2020

Learn one method, using Azure Kubernetes Service (AKS), for providing Kubernetes pods authenticated access to secrets stored in HashiCorp Vault.

When running a Kubernetes cluster, you may want to secure secrets outside the cluster. But how do you provide pods authenticated access to secrets stored in something like HashiCorp Vault?

» Using AKS Pod Identity

One possible solution comes from the Azure Kubernetes Service, which has the ability to use Azure Active Directory to authenticate running pods.

» What You'll Learn

In this talk, you will see how Vault can use Azure Active Directory authentication to allow pods running on AKS to access secrets stored in Vault. First, Ned Bellavance will walk through the setup of AKS with Pod Identity. Then he will deploy a Vault cluster and enable Azure authentication. Finally, he will deploy an application on the AKS cluster and retrieve a secret from the Vault cluster. By the end of the talk, you'll be ready to go out and implement this solution in your environment.

See a demo showing how Vault can use Azure Active Directory authentication to allow pods running on AKS to access secrets stored in Vault.

» GitHub Repo

You can find the example used in this talk in this GitHub repo.
