LRH-3758 Managing secrets at scale | Devoxx

Managing secrets at scale


archi Architecture & Security

Room 5

Thursday from 09:00 til 09:50

Running multiple instances of microservices, deploying Docker images to Kubernetes is the current trend. But what about security? Are you encrypting passwords? Where do you store the key? How often do you rotate secrets? A modern system requires access to a multitude of secrets: database credentials, API keys for external services, credentials for service-oriented architecture communication and often much more.

Traditional, manual patterns cannot keep the security bar high with dynamic deployment scenarios. Secrets should stay secret and not get distributed amongst the landscape.

Come to this session to learn how to keep the security bar high while running services that require secrets. You'll see how to securely share and manage secrets (certificates, passwords, keys) for your services using Vault and how to use it with Spring Boot.

Mark Paluch Mark Paluch

I'm a Software craftsman, Spring Data Engineer at Pivotal, and a member of the CDI 2.0 expert group. I was developing Java server-, frontend-, and web applications since 1999 and my focus is now on software architecture, Spring, and Redis.