Managing Secrets with Hashicorp Vault

Everything you need to get started with Hashicorp Vault

Ratings: 4.36 / 5.00




Description

Why Managing Secrets is so important ...

Everyone who works in IT these days is concerned with security. It's hard to go a day without reading about some sort of data leak or DDOS attack in the news affecting thousands if not millions of users. Having a solid defense-in-depth and risk management plan is key to protecting your organization's digital assets. In the past this has been the responsibility of executive management and security professionals, however these days in our brave new cloud computing world, everyone who works in and with the cloud has a far greater direct impact on releasing services that we are all responsible for taking a security-first approach

Managing secrets is an integral part of protecting your organization and any digital assets, including on-premise and cloud native applications.

So what is Secrets Management?

First let's ask what may seem like an obvious question: What is a secret? A secret is really anything that you consider sensitive enough to protect from prying eyes, bad actors, or even incompetent ones. A more technical definition of a secret might be any credential, password, tokens, keys, or certificates used to protect data or access services used by an application or even a human. 

So secrets management, then, is responsible for the governance of these secrets. Governance is a process that defines how secrets are created, protected, rotated, distributed, revoked, and destroyed. The governance process may also cover who can access what secrets and when.

While process is great on paper, at the end of the day you need tools to make the secrets management process real. Enter one fantastic tool: Hashicorp's Vault.

This course will teach you how to use Hashicorp Vault.

I have put together this easy to follow course on how to get anyone up to speed on using Hashicorp Vault as quickly as possible. You don't need to be a security professional or understand all the details behind encryption algorithms to learn Vault.

Vault is not just another password vault by the way. In this course you will learn the following:

1. Securely deploy Vault into Development and Production environments

2. Manage static secrets such as passwords

3. Generate and management dynamic secrets such as AWS access tokens or database credentials

4. How to bootstrap infrastructure and services without a human

... and many others ...

What You Will Learn!

  • Gain an understanding of Vault terminology, concepts, and technical architecture.
  • Manage static secrets such as usernames and passwords through the CLI and APIs.
  • Generate dynamic and short lived secrets for use with databases and cloud service providers.
  • Use Hashicorp Vault to build out a PKI solution.
  • Configure Vault for High Availability and TLS.
  • Set up development environments to support Hashicorp Vault
  • Control access to Hashicorp Vault by defining Vault Policies.
  • Configure various secret backends such as Database, AWS, and PKI.
  • Configure various storage backends such as Consul, File, and others.

Who Should Attend!

  • Developers and Administrators who want to incorporate a tested security solution into their applications or services without having to roll their own.
  • Security professionals who are looking for tools to implement policy and procedures.