PyCon X


2nd - 5th May 2019

Using Vault to better protect your secrets.

All developers have seen it and few will admit to doing it. Putting unprotected authentication credentials like usernames and passwords or cloud service authentication keys into application code, scripts or Ansible playbooks. We do this because it saves us time and effort. Add in external source control tools, like Github, and the risks of these credentials being publicly exposed increases. While most developers agree on the importance of automated testing and syntax checking, its time to add protecting application secrets, to the list of best practices. In this talk, we will explore how to use Hashicorp Vault, a secure storage and encryption tool, to help manage authentication in a way that is safe and secure. Time will be spent on learning how to setup a Vault server, migrate secrets into the service, and modify python scripts and Ansible playbooks to take advantage of Vault. This talk is for developers of all levels who are interested in a better way to manage their secrets and become the next hero with their security department. (Your results may vary.) Presenter has no affiliation with Hashicorp.

Feedback form:

in on Sunday 5 May at 09:45 See schedule

Do you have some questions on this talk?

New comment