Secure Developer Workflows with Vault & Github Actions
Secure secrets management is a critical element of the product development lifecycle. It’s not trivial, however, to protect and manage cloud providers and other important credentials at all stages of the process. As a result, developer machines are often littered with secrets stored in unencrypted text files, and deployment pipelines are complicated by a variety of patterns for retrieving secrets. Hashicorp Vault provides an elegant secret management system that you can use to easily and consistently safeguard your local development environment as well as your entire deployment pipeline. In this talk, I will show how you can set up a secure development environment with Vault, and how you can ensure your secrets & application deployment patterns stay consistent across development, staging and production environments using GitHub Actions.
Secure secrets management is a critical element of the product development lifecycle. It’s not trivial, however, to protect and manage cloud providers and other important credentials at all stages of the process. As a result, developer machines are often littered with secrets stored in unencrypted text files, and deployment pipelines are complicated by a variety of patterns for retrieving secrets.
Hashicorp Vault provides an elegant secret management system that you can use to easily and consistently safeguard your local development environment as well as your entire deployment pipeline.
In this talk, I will show how you can set up a secure development environment with Vault, and how you can ensure your secrets & application deployment patterns stay consistent across development, staging and production environments using GitHub Actions.
