Case Study

Vault Fastly Secret Engine Design and Integration

Published 8:00 AM UTC Mar 03, 2019

In this talk, engineers Ling Zhang and Shawn Bower show how they use Vault for securing their Fastly CDN layer at The New York Times.

Speakers

The NYT has many services, each with many tokens. Managing a large amount of static tokens has become a burden. In order to address this they found a way to generate dynamic short lived tokens using HashiCorp Vault.

Vault provides this functionality for GCP, AWS, and other cloud services, so they created a plugin that would do this for Fastly. This talk walks through how Fastly tokens are stored and used, and how they migrated to dynamic secrets. It also walks through how they developed the Vault plugin to do this with a short demo.

This talk was part of the first HashiTalks online event—A 24-hour continuous series of presentations from the worldwide HashiCorp User Group (HUG) community and from HashiCorp engineers as well. The event took place from February 21-22, 2019.

Check out your local chapter or start a new one here.

More resources like this one

  • 1/6/2021
  • Case Study

Self-service discovery at scale with Consul at Bloomberg

  • 1/5/2021
  • Case Study

How Roblox Developed and Uses the Windows IIS Nomad Driver

  • 12/17/2020
  • Case Study

Consistent development and deployment at Comcast with Terraform

  • 9/2/2020
  • Case Study

Service Mesh in the Real World

View all resources