DevOps Secrets Vault Demo
The rapid, iterative DevOps workflow can expose security vulnerabilities tied to privilege management. With DevOps Secrets Vault you can securely provide the speed and agility DevOps needs to stay competitive. See how easily you can establish a vault, centralize your secrets, and enforce access—and auto-scale up and connect to all your apps.
The rapid, iterative DevOps workflow can expose security vulnerabilities tied to privilege management. with Delinea’s DevOps Secrets Vault you can securely provide the speed and agility DevOps needs to stay competitive –Let’s take a look:
ESTABLISH VAULT
You begin by establishing your Vault- Delinea’s DevOps Secrets Vault is a high velocity solution capable of high-speed secrets creation, archiving and retrieval.
Once you have Download the CLI Open the shell program corresponding to your operating system.
- Enter the “thy init” command
- Enter your tenant name, “admin” for username, and the password you selected.
- Type “thy whoami” command to verify you are logged in as the admin. You are authenticated to the vault!
- Type “thy auth” for your access token
In less than 30 minutes you have access to your vault. No servers, databases, or networking infrastructure to setup or configure.
CENTRALIZE SECRETS
Next you can centralize secrets and enforce access - Secrets management delivered as a service empowers your organization to adopt modern DevOps principles easily, quickly and securely. DevOps Secrets Vault centralizes management and enforces access control so you can minimize privilege account sprawl and harden your attack surface without sacrificing productivity.
Secrets are created using industry-standard JSON or YAML files so you can define secrets with any key-value pair. Secret description, username, passwords, API keys, SSH keys, … the possibilities are endless.
ENFORCE ACCESS
The secrets are structured in a hierarchy (or path) just like the file structure on your computer. This enables easy organization and is how permissions are granted to users.
Let’s create a secret and a new user.
Save the secret we just showed in the JSON file using the “thy secret create” command to the path shown
We’ll Create user “developer1” and assign a password using the “thy user create” command
Now let’s look at the permissions document using the “thy config read” command
thy config read -be yaml
The default policy is set for the admin only.
We want to give that user access to the path where the secret is stored by editing the permissions document.
Open a text editor. Here we are assigning a policy id, description of the policy, the user, allowing full CRUD access, and specifying the path to the secret we just created.
You can also create a policy to deny access to secrets below that path.
Save the text file
Save the updates to permissions document using the “thy config update” command
Developer1 now has full permissions on any secret at /servers/us-east, but no permissions to secrets a layer down in region1.
You see you can centralizes management and enforces access control to minimize privilege account sprawl without sacrificing productivity.
AUTOSCALE and CONNECT TO ALL APPS
Delinea’s DevOps Secrets Vault can scale with your AWS and Azure deployment. It is platform agnostic and designed to automate secrets management and integrate with common DevOps tools, such as Kubernetes and Jenkins. This allows Auto Scaling up to tens of thousands of containers, servers, and applications rapidly deployed across your Dev, Test, and Production environments.
There is so much more to our DevOps Secrets Vault than I could ever cover in a brief video. If you would like to try it for yourself, simply visit our website and download the free version today.
Thank you
