So You Want to Run Vault in Kubernetes? - Seth Vargo, Google

less than 1 minute read

Abstract

Kubernetes is great for running applications, but can it run secure workloads like HashiCorp Vault, a popular open source secrets management tool? This two-part, demo-driven talk explores the answers to that question. The first part showcases how to run Vault securely on Kubernetes. We walk through different deployment architectures and strategies for making sure Vault is run in the most secure manner on Kubernetes. The second part focuses on how services deployed in Kubernetes interact with Vault. We discuss the implementation details and tradeoffs for authenticating pods and services to Vault to retrieve dynamic credentials like database passwords and Google Cloud IAM credentials. Attendees we leave with an understanding of how to operationalize better run secure workloads like Vault inside Kubernetes and how to expose secure workloads to other services in the cluster.

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

So You Want to Run Vault in Kubernetes? - Seth Vargo, Google

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google