Skip to main content
Save 10-15% Register for HashiConf 2025 and save big when you buy 2+ tickets Get your passes
Case Study

Vault Fastly Secret Engine Design and Integration

In this talk, engineers Ling Zhang and Shawn Bower show how they use Vault for securing their Fastly CDN layer at The New York Times.

Speakers

The NYT has many services, each with many tokens. Managing a large amount of static tokens has become a burden. In order to address this they found a way to generate dynamic short lived tokens using HashiCorp Vault.

Vault provides this functionality for GCP, AWS, and other cloud services, so they created a plugin that would do this for Fastly. This talk walks through how Fastly tokens are stored and used, and how they migrated to dynamic secrets. It also walks through how they developed the Vault plugin to do this with a short demo.

This talk was part of the first HashiTalks online event—A 24-hour continuous series of presentations from the worldwide HashiCorp User Group (HUG) community and from HashiCorp engineers as well. The event took place from February 21-22, 2019.

Check out your local chapter or start a new one here.

More resources like this one

1/6/2021Case Study

Self-service discovery at scale with Consul at Bloomberg

1/5/2021Case Study

How Roblox Developed and Uses the Windows IIS Nomad Driver

12/17/2020Case Study

Consistent development and deployment at Comcast with Terraform

9/2/2020Case Study

Service Mesh in the Real World