Securing AWS Accounts With HashiCorp Vault
Feb 27, 2020
Learn how to design permissions with AWS and use HashiCorp Vault to generate access and secret keys.
Many engineers encounter complexity while managing access and secret keys for public cloud environments. Most of the time, developers are given permissions to create their own sets of keys and use them wherever they want to, without any oversight. This could potentially lead to scenarios where the keys might be uploaded accidentally to Git repositories or be hardcoded within the app itself.
In this talk, Shrivatsa Upadhye will focus, with the help of a demo, on how you can leverage HashiCorp Vault to manage the ENTIRE lifecycle of keys used within AWS, which includes creation, deletion, expiration, logging, and rotation of access and secret keys—a crucial component in building secure cloud infrastructure.
What You'll Learn
- How to design permissions with AWS.
- How to use policies within HashiCorp Vault along with dynamic secrets to generate access and secret keys.