Watch Now

• Panel
• Outline
• Picks
• Download
  • Video
  • Audio

Panel

• Bryan Berry github, twitter, irc: bryanwb, blog: devopsanywhere
• Seth Vargo github, twitter
• Milos Gajdos github, twitter, blog
• Mike Fiedler github, twitter
• Nathen Harvey github, twitter, irc: nathenharvey, blog

Outline

• What is a “secret”?
• Protecting Secrets (Secret Management)
  • chef-vault
• Decrypting Secrets
  • Personally Identifiable Information (PII)
• Working with Vaults (Experience)
  • keywhiz
  • Amazon KMS (Key Management Service)
• Vault
  • Vault Interactive Tutorial
  • Backends
    • Audit Backends
    • Auth Backends
    • Secret Backends
  • Postgres VALID UNTIL (Lease Expiration)
  • Renewals
  • Transit Secret Backend
    • Use Case: Using for Vault developers to share secrets back and forth?
  • Policies
  • Read Access
  • Write
  • Deny
  • Pseudo
  • User Authentication
  • Token-based Auth
  • GitHub
  • Username and Password
  • uauth
  • TLS Certificates
  • LDAP
  • AppID
  • Vault as Open Source
  • The “Break Glass Procedure”: How do you know your secrets have been leaked?
  • Where do services like Vault fit in with containers?
  • Vault with Console
  • Leader Election
  • hologram
  • Security and Independent Security Audits
  • Key Rotation
  • Chef/Vault Integration
    • chef-vault Cookbook
    • vault-ruby

Picks

Bryan

• cobra
• 1493 The World Columbus Made by Charles C. Mann
• Kavinsky

Nathen

• DevOpsDays DC
• Chef Community Summit

Milos

• The Dark Net
• Paradox of choice
• Polyconf

Seth

• DevOpsDays Pittsburgh
• Hashiconf
• Bacon!

Mike

• Railsconf talk by Sandi Metz - Nothing is Something
• POP - Prototyping on Paper

Download

• Video
• Audio

---

The Food Fight Show is brought to you by Bryan Berry and Nathen Harvey with help from other hosts and the awesome community of Chefs.

The show is sponsored, in part, by Chef.

Feedback, suggestions, and questions: info@foodfightshow.com or http://github.com/foodfight/showz.