Secrets Management: How to (not) help the person who hacks your servers get your data
Where do you store your credentials and secrets? In .env files or in environment variables, or even worse, in config files? Are your primary AWS keys shared amongst developers? Do you still have SSH keys from former employees on your servers?
If your answer is “yes” to one or more of these questions you probably haven’t heard the term secrets management. In this talk, we will look into managing secrets in development and operations and expose the problems related to them. I will give you an overview of the current state of techniques to mitigate these problems and we’ll take a brief look at how an open source tool like Hashicorp Vault can provide a solution to managing secrets in the years to come.
Srdjan Vranac has been in this industry for a long time. He had the good fortune to work with a lot of talented people and had a chance to see some brilliant code, and some of the worst ever written.
He gets paid for writing code that performs exceptionally. He runs Code4Hire, a small outfit dedicated to solving tough problems.