HUG community member, Andrey Devyatkin gives a talk on method for integrating HashiCorp Vault and Kubernetes apps that requires *zero* code changes.
HashiCorp Vault helps shift the way you work with secrets from a static to a dynamic paradigm. The lifecycle of the secret in those two paradigms is different, which brings some new challenges:
That seems to be very different from typical a 12-factor apps setup when an app would simply read configuration and secrets from environment variables, isn't it? Should you write a library to encapsulate this logic? Or is there an SDK available? There is a way to address all questions above with little to no code changes at all!
I'm going to demo it and then go into the nitty-gritty details of its implementation so you can repeat the same steps at home or work.
This talk was part of the first HashiTalks online event - A 24-hour continuous series of presentations from the HashiCorp User Group (HUG) community and from HashiCorp engineers as well. The event took place from February 21-22, 2019.
Check out your local chapter or start a new one here.