Skip to main content
HashiTalks 2025 Learn about unique use cases, homelab setups, and best practices at scale at our 24-hour virtual knowledge sharing event. Register
Presentation

Secure Your Multi-Cloud Delivery Pipeline with HashiCorp Vault

Walk through this example company's pipeline that uses authentication mechanisms (AppRole, AWS), Vault policies, and secret backends (KV, AWS, SSH) to build secure and auditable delivery.

Many teams are still using hard-coded static credentials in their delivery pipelines to authenticate to cloud providers, or to connect on target servers using SSH. Most of the time, the problem is not addressed because there does not seem to be an easy solution, meanwhile it creates a critical security threat.

The aim of this talk is to show how delivery pipelines can be secured in a unified way across any number of different cloud providers, by implementing the principle of least privilege with HashiCorp Vault. It will also underline key benefits of using Vault, like unified security policy and centralized audit logging (think of it as an identity-broker for your all of your secrets management motions).

What You'll Learn

This talk will look at an example company that needs to deploy infrastructure to its private cloud, and to multiple AWS accounts. This example will combine authentication mechanisms (AppRole, AWS), Vault policies, and Secret Backends (KV, AWS, SSH) to build a secure and auditable delivery pipeline.

Key takeaways

  • Delivery pipelines using static secrets with high privileges are a critical security threat
  • The principle of least privilege can be implemented in multi-cloud environments
  • Vault provides unified security policy and audit log

Speaker: Vincent Poilvert

More resources like this one

2/3/2023Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

1/5/2023Case Study

How Discover Manages 2000+ Terraform Enterprise Workspaces

12/22/2022Case Study

Architecting Geo-Distributed Mobile Edge Applications with Consul

zero-trust
12/13/2022White Paper

A Field Guide to Zero Trust Security in the Public Sector