SlideShare a Scribd company logo

Hashicorp Tooling: Value, efficiency & security

C
continohq

This document discusses HashiCorp tools for infrastructure automation, including Packer, Terraform, and Vault. It provides an overview of each tool's purpose and functionality, such as using Packer to create machine images, Terraform to provision and manage cloud infrastructure as code, and Vault to securely manage secrets. It also describes a case study of using Packer and Terraform to help a UK retailer move infrastructure to the cloud. Training courses are recommended to help organizations adopt these tools.

Software
1 of 37
Downloaded 22 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
HashiCorp Tooling Value, Efficiency & Security contino.io
INTRODUCTIONS Jordan Taylor DevOps Practitioner at Contino Specialise in automation, configuration management, cloud orchestration & CI/CD Favourite tools are Terraform, Docker and Vault
TO THE CLOUD! Why? How?
THE WHY Avoid initial investment Cost savings Flexibility Scalability User control Speed of deployment Out-of-the-box security and monitoring
THE HOW MAGIC Otherwise known as: ● Infrastructure as Code ● Use of Cloud orchestration tools Enabling: ● Cloud deployments in a single command ● Auto-scaling ● Uncomplicated deploy processes ● AUTOMATION
Company based in San Francisco Insecure Systems Constrained ResourcesComplex WorkflowsManual Process Effectively solve development, operations and security challenges such as: Allowing for focus on business-critical tasks
VAGRANT PACKER TERRAFORM SERF NOMAD VAULT OTTOCONSUL
AGENDA Packer Terraform Use case: Taking a leading UK retailer into the Cloud with Packer and Terraform Vault
PACKER Create images for an array of platforms all from a single source configuration.
WHY ADOPT PACKER? ● Templated image builds ● Store templates in source control ● Pre-bake and pre-configure images ● Provide developers with SDKs in images ● Little engineer upskilling required
PACKER: TECHNICAL FUNCTIONALITY Build temporary cloud instance Provision and configure it according to the template Snapshot it Abstraction of cloud provider API manipulation
A PACKER TEMPLATE
PACKER BEST PRACTICES 1. Directory structure 2. Image naming convention
TERRAFORM Allows the creation, combination and management of infrastructure resources across multiple providers.
WHY ADOPT TERRAFORM? ● Infrastructure as Code ● Store templated infrastructure in source control ● Provide on-demand infrastructural flexibility ● Little engineer upskilling required ● Simple move to the cloud
TERRAFORM TECHNICAL FUNCTIONALITY Write Terraform templates Execute ‘terraform plan’ Execute ‘terraform apply’ Resources deployed & state stored ● Abstraction of a cloud provider’s API, templated as code ● Store and manipulate the state of your infrastructure via metadata
A TERRAFORM TEMPLATE
TERRAFORM BEST PRACTICES 1. Store and share state wisely 2. Directory structure is key
CONSIDER TERRAFORM ENTERPRISE ● Remote Terraform plans, applies, and locks ● Change management and access control policies ● GitHub integration ● Remote state storage ● Artifact registry ● Notifications ● Auditing ● Rollback State
Taking a Leading UK Retailer into the Cloud Client requirements: ● Equip workforce with the ability to move into the cloud ● Provide a template cloud architecture to move new teams/projects into the cloud ● Get rid of inflexible, long-life, isolated environments ● Scrap complex deployment processes and methodologies
DELIVERABLES ● Templated AWS architecture designed and implemented ● Essentials training to large audiences, encouraging adoption of new tools ● Key engineers upskilled to train internally ● A project team moved into the cloud
OUTCOMES ● Orchestrating infrastructure into the cloud with Terraform ● Deploying resources into AWS using Terraform, via Jenkins ● Creating pre-provisioned images with Packer ● Demonstrating configuration management capability with Chef ● Storing all Infrastructure as Code in Github ● Ready to upskill internally
EQUIP YOUR ORGANISATION WITH CLOUD CAPABILITY Contino Cloud Enablement Package: ● AWS Essentials (2 day) ● Chef Essentials (1 days) ● Packer & Terraform Essentials (1 day) ● Terraform Intermediate (1 day) http://contino.io/resources/
VAULT Secret management system by Hashicorp Secure storage Dynamic Secrets Leases Auditing Secure Infrastructure Automation
VALUE OF VAULT Pre-Vault = secret sprawl, decentralised keys, limited visibility, poorly-defined ‘break-glass’ procedures Post-Vault = single secret source, pragmatic access, operational access, practical security
VAULT COMPONENTS Storage backend - Encrypted Vault data storage Secret backend - Encrypted secret store Audit backend - Log all interactions with Vault Auth backend - Authenticate users to access Vault
INTERACTING WITH VAULT Server - HTTP API, manages interaction Vault token - similar to session cookie, post-authorisation secret access Barrier - All data transitions are encrypted, in and out
INTERACTING WITH VAULT Begin unsealing process Gather shared key holders Form master key Unseal vault Access secrets with Vault
Hashicorp Tooling: Value, efficiency & security
VAULT ENTERPRISE ● 24x7x365 Phone and email support ● Hardware Security Module (HSM) integration AUDITS ● Vault's 0.5 audited by iSEC
EQUIP YOUR ORGANISATION WITH VAULT http://contino.io/resources/ Vault Essentials (1 day) ● How Vault works ● How to set-up and implement Vault ● How to store and manage secrets with Vault ● How to secure applications with Vault
VALUE, EFFICIENCY & SECURITY ● Security with Vault ● Efficiency with Packer & Terraform ● Value with moving your organisation into the cloud swiftly, effectively and securely
USEFUL LINKS Packer documentation: https://www.packer.io/docs/ Terraform documentation: https://www.terraform.io/docs/index.html Vault documentation: https://www.vaultproject.io/docs/index.html Contino offerings: http://contino.io/resources/
CONTINO OVERVIEW We help Enterprise organisations transform their software delivery engines. We do this by delivering on key strategic technology initiatives whilst also upskilling our clients workforce and supporting the development of a more vibrant engineering culture. ▪ Transform how you work with enterprise DevOps and Continuous Delivery ▪ Transform your infrastructure with Cloud ▪ Transform your application delivery with Containers ▪ Transform your enterprise architecture with Microservices Based on our engagements with many global enterprise clients, we have developed significant IP in how to transform to DevOps and adopt the associated technology stacks within an enterprise setting.
SOME OF OUR CLIENTS
THANKS! jordan.taylor@contino.io @jordantaylorUK
NEED HELP? GET IN TOUCH Achieving value, efficiency and security may not be so difficult… Call us: 0203 227 0961 Email us: london@contino.io Our offerings: contino.io/resources

More Related Content

PDF
DEVNET-1144 Deploying hybrid cloud applications with HashiCorp Atlas
Cisco DevNet
 
PPTX
How HashiCorp platform tools can make the difference in development and deplo...
Dmytro Mykhailov
 
PPTX
Hashicorp Products Overview
Uchit Vyas ☁
 
PPTX
Hashicorp-Terraform_Packer_Vault-by Sushil
Sushil Kumar
 
PDF
Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet
 
PPTX
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Mandi Walls
 
PDF
Habitat hack slides - Infracoders Meetup Graz
Infralovers
 
PDF
Taking Spinnaker for a spin @ London DevOps Meetup 36
aleonhardt
 
DEVNET-1144 Deploying hybrid cloud applications with HashiCorp Atlas
Cisco DevNet
 
How HashiCorp platform tools can make the difference in development and deplo...
Dmytro Mykhailov
 
Hashicorp Products Overview
Uchit Vyas ☁
 
Hashicorp-Terraform_Packer_Vault-by Sushil
Sushil Kumar
 
Puppet Camp Portland: Nagios Management With Puppet (Beginner)
Puppet
 
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Mandi Walls
 
Habitat hack slides - Infracoders Meetup Graz
Infralovers
 
Taking Spinnaker for a spin @ London DevOps Meetup 36
aleonhardt
 

What's hot (20)

PDF
Provisioning your Environment with Vagrant and Ansible
Richard Gwozdz
 
PPTX
Habitat Overview
Mandi Walls
 
PDF
Greenfields tech decisions
Trent Hornibrook
 
PDF
The elements of kubernetes
Aaron Schlesinger
 
PPTX
Global Azure Bootcamp 2016 - Azure Automation Invades Your Data Centre
kieranjacobsen
 
PDF
Microservices, DevOps, and Containers with OpenShift and Fabric8
Christian Posta
 
PPTX
Kube Apps in action
Karthik Gaekwad
 
PDF
Microservices Without the Hassle
Fintan Ryan
 
PDF
Network Infrastructure as Code with Chef and Cisco
Matt Ray
 
PDF
Introducing Cloud Development with Project Shipped and Mantl: a deep dive
Cisco DevNet
 
PDF
Whats all the FaaS About
Haggai Philip Zagury
 
PDF
Spinnaker - Bay Area AWS Meetup - 20160726
Adam Jordens
 
PPTX
All the troubles you get into when setting up a production ready Kubernetes c...
Jimmy Lu
 
PDF
Infrastructure as Code with Ansible
Daniel Bezerra
 
PDF
20170831 - Greg Palmier: Terraform & AWS at Tempus
DevOps Chicago
 
KEY
Odin Authenticator
Maciej Pasternacki
 
PDF
Rohit yadav cloud stack internals
ShapeBlue
 
PPT
Beyond Heroku: Hosting Your Rails App Yourself
stcarpenter
 
PPTX
Delivering Secret Zero: Vault AppRole with Terraform and Chef
Amanda MacLeod
 
PPTX
Continuous Deployment to the Cloud using Spinnaker
Tim Ysewyn
 
Provisioning your Environment with Vagrant and Ansible
Richard Gwozdz
 
Habitat Overview
Mandi Walls
 
Greenfields tech decisions
Trent Hornibrook
 
The elements of kubernetes
Aaron Schlesinger
 
Global Azure Bootcamp 2016 - Azure Automation Invades Your Data Centre
kieranjacobsen
 
Microservices, DevOps, and Containers with OpenShift and Fabric8
Christian Posta
 
Kube Apps in action
Karthik Gaekwad
 
Microservices Without the Hassle
Fintan Ryan
 
Network Infrastructure as Code with Chef and Cisco
Matt Ray
 
Introducing Cloud Development with Project Shipped and Mantl: a deep dive
Cisco DevNet
 
Whats all the FaaS About
Haggai Philip Zagury
 
Spinnaker - Bay Area AWS Meetup - 20160726
Adam Jordens
 
All the troubles you get into when setting up a production ready Kubernetes c...
Jimmy Lu
 
Infrastructure as Code with Ansible
Daniel Bezerra
 
20170831 - Greg Palmier: Terraform & AWS at Tempus
DevOps Chicago
 
Odin Authenticator
Maciej Pasternacki
 
Rohit yadav cloud stack internals
ShapeBlue
 
Beyond Heroku: Hosting Your Rails App Yourself
stcarpenter
 
Delivering Secret Zero: Vault AppRole with Terraform and Chef
Amanda MacLeod
 
Continuous Deployment to the Cloud using Spinnaker
Tim Ysewyn
 
Ad

Viewers also liked (10)

PPTX
Vault - Secret and Key Management
Anthony Ikeda
 
PDF
SF HashiCorp User Group at GitHub
Jon Benson
 
PDF
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
DynamicInfraDays
 
PDF
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
DynamicInfraDays
 
PDF
Hashicorp @ JUST EAT - Part 2
Andrew Brown
 
PPTX
Hashicorp Vault ppt
Shrey Agarwal
 
PDF
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
OpenCredo
 
PDF
HashiCorp's Vault - The Examples
Michał Czeraszkiewicz
 
PDF
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Outlyer
 
PDF
Introduction to Data Vault Modeling
Kent Graziano
 
Vault - Secret and Key Management
Anthony Ikeda
 
SF HashiCorp User Group at GitHub
Jon Benson
 
ContainerDays Boston 2016: "Hiding in Plain Sight: Managing Secrets in a Cont...
DynamicInfraDays
 
ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...
DynamicInfraDays
 
Hashicorp @ JUST EAT - Part 2
Andrew Brown
 
Hashicorp Vault ppt
Shrey Agarwal
 
Microservices Manchester: Security, Microservces and Vault by Nicki Watt
OpenCredo
 
HashiCorp's Vault - The Examples
Michał Czeraszkiewicz
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Outlyer
 
Introduction to Data Vault Modeling
Kent Graziano
 
Ad

Similar to Hashicorp Tooling: Value, efficiency & security (20)

PPTX
Securing Your CI Pipeline with HashiCorp Vault - P2
Ashnikbiz
 
PPTX
Cloud Adoption: From Start to PaaS
Andrew Khoury
 
PPTX
Hashicorp Corporate Pitch Deck Stenio_v2
Stenio Ferreira
 
PPTX
Kloia AWS IBM Hashicorp Day Presentation
kloia
 
PDF
Adopting HashiCorp Vault
Nicolas Corrarello
 
PPTX
Cloud Native Summit 2019 Summary
Everett Toews
 
PPTX
Vault Digital Transformation
Stenio Ferreira
 
PDF
Practical Cloud Security A Guide For Secure Design And Deployment 1st Edition...
jaromdembo
 
PDF
Practical Cloud Security A Guide for Secure Design and Deployment 1st Edition...
omorialeksi5
 
PDF
Exponential growth with IaC superpowers
Carlo Corti
 
PDF
Security Considerations When Using Cloud Infrastructure Services.pdf
Ciente
 
PDF
Exponential growth with IaC superpowers
Carlo Corti
 
PDF
Practical Cloud Security A Guide for Secure Design and Deployment 1st Edition...
bvpxmqwie0546
 
PDF
Hashicorp Vault - OPEN Public Sector
Kangaroot
 
PDF
IANS information security forum 2019 summary
Karun Chennuri
 
PDF
DevOps Fest 2020. immutable infrastructure as code. True story.
Vlad Fedosov
 
PPTX
Supply chain security - Develop quickly without inviting The Nefarious.pptx
IvanMilchev1
 
PPTX
Building a Paper Trail: Let OVH show you how to secure and audit a Public Cloud
OVH US
 
PPTX
ABN AMRO DevSecOps Journey
Derek E. Weeks
 
PPTX
Vault Open Source vs Enterprise v2
Stenio Ferreira
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Ashnikbiz
 
Cloud Adoption: From Start to PaaS
Andrew Khoury
 
Hashicorp Corporate Pitch Deck Stenio_v2
Stenio Ferreira
 
Kloia AWS IBM Hashicorp Day Presentation
kloia
 
Adopting HashiCorp Vault
Nicolas Corrarello
 
Cloud Native Summit 2019 Summary
Everett Toews
 
Vault Digital Transformation
Stenio Ferreira
 
Practical Cloud Security A Guide For Secure Design And Deployment 1st Edition...
jaromdembo
 
Practical Cloud Security A Guide for Secure Design and Deployment 1st Edition...
omorialeksi5
 
Exponential growth with IaC superpowers
Carlo Corti
 
Security Considerations When Using Cloud Infrastructure Services.pdf
Ciente
 
Exponential growth with IaC superpowers
Carlo Corti
 
Practical Cloud Security A Guide for Secure Design and Deployment 1st Edition...
bvpxmqwie0546
 
Hashicorp Vault - OPEN Public Sector
Kangaroot
 
IANS information security forum 2019 summary
Karun Chennuri
 
DevOps Fest 2020. immutable infrastructure as code. True story.
Vlad Fedosov
 
Supply chain security - Develop quickly without inviting The Nefarious.pptx
IvanMilchev1
 
Building a Paper Trail: Let OVH show you how to secure and audit a Public Cloud
OVH US
 
ABN AMRO DevSecOps Journey
Derek E. Weeks
 
Vault Open Source vs Enterprise v2
Stenio Ferreira
 

More from continohq (8)

PDF
Journey to the cloud in banking and finance webinar
continohq
 
PDF
Monitoring kubernetes with prometheus
continohq
 
PDF
What is docker and how does it improve software delivery?
continohq
 
PDF
Does DevSecOps really exist?
continohq
 
PDF
Fighting The Fintech Wave With DevOps
continohq
 
PDF
Lessons From 50 DevOps Transformations
continohq
 
PDF
Hashicorp Tools For The Windows Ecosystem
continohq
 
PDF
Scaling DevOps To The Enterprise
continohq
 
Journey to the cloud in banking and finance webinar
continohq
 
Monitoring kubernetes with prometheus
continohq
 
What is docker and how does it improve software delivery?
continohq
 
Does DevSecOps really exist?
continohq
 
Fighting The Fintech Wave With DevOps
continohq
 
Lessons From 50 DevOps Transformations
continohq
 
Hashicorp Tools For The Windows Ecosystem
continohq
 
Scaling DevOps To The Enterprise
continohq
 

Recently uploaded (20)

PDF
On Software Engineers' Productivity - Beyond Misleading Metrics
Romén Rodríguez-Gil
 
PPTX
Maximizing Revenue with Marketo Measure: A Deep Dive into Multi-Touch Attribu...
bbedford2
 
PPTX
Can You Build Dashboards Using Open Source Visualization Tool.pptx
Varsha Nayak
 
PPTX
GALILEO CRS SYSTEM | GALILEO TRAVEL SOFTWARE
philipnathen82
 
PPTX
Presentation about variables and constant.pptx
kr2589474
 
PDF
What to consider before purchasing Microsoft 365 Business Premium_PDF.pdf
Q-Advise
 
PPTX
slidesgo-unlocking-the-code-the-dynamic-dance-of-variables-and-constants-2024...
kr2589474
 
PDF
advancepresentationskillshdhdhhdhdhdhhfhf
jasmenrojas249
 
PDF
ShowUs: Pharo Stream Deck (ESUG 2025, Gdansk)
ESUG
 
PPTX
The-Dawn-of-AI-Reshaping-Our-World.pptxx
parthbhanushali307
 
PDF
Balancing Resource Capacity and Workloads with OnePlan – Avoid Overloading Te...
OnePlan Solutions
 
PPTX
Presentation about variables and constant.pptx
safalsingh810
 
PPTX
Contractor Management Platform and Software Solution for Compliance
SHEQ Network Limited
 
PPTX
Odoo Integration Services by Candidroot Solutions
CandidRoot Solutions Private Limited
 
DOCX
Can You Build Dashboards Using Open Source Visualization Tool.docx
Varsha Nayak
 
PDF
lesson-2-rules-of-netiquette.pdf.bshhsjdj
jasmenrojas249
 
PDF
49785682629390197565_LRN3014_Migrating_the_Beast.pdf
Abilash868456
 
PPTX
Explanation about Structures in C language.pptx
Veeral Rathod
 
PDF
Teaching Reproducibility and Embracing Variability: From Floating-Point Exper...
University of Rennes, INSA Rennes, Inria/IRISA, CNRS
 
PPTX
classification of computer and basic part of digital computer
ravisinghrajpurohit3
 
On Software Engineers' Productivity - Beyond Misleading Metrics
Romén Rodríguez-Gil
 
Maximizing Revenue with Marketo Measure: A Deep Dive into Multi-Touch Attribu...
bbedford2
 
Can You Build Dashboards Using Open Source Visualization Tool.pptx
Varsha Nayak
 
GALILEO CRS SYSTEM | GALILEO TRAVEL SOFTWARE
philipnathen82
 
Presentation about variables and constant.pptx
kr2589474
 
What to consider before purchasing Microsoft 365 Business Premium_PDF.pdf
Q-Advise
 
slidesgo-unlocking-the-code-the-dynamic-dance-of-variables-and-constants-2024...
kr2589474
 
advancepresentationskillshdhdhhdhdhdhhfhf
jasmenrojas249
 
ShowUs: Pharo Stream Deck (ESUG 2025, Gdansk)
ESUG
 
The-Dawn-of-AI-Reshaping-Our-World.pptxx
parthbhanushali307
 
Balancing Resource Capacity and Workloads with OnePlan – Avoid Overloading Te...
OnePlan Solutions
 
Presentation about variables and constant.pptx
safalsingh810
 
Contractor Management Platform and Software Solution for Compliance
SHEQ Network Limited
 
Odoo Integration Services by Candidroot Solutions
CandidRoot Solutions Private Limited
 
Can You Build Dashboards Using Open Source Visualization Tool.docx
Varsha Nayak
 
lesson-2-rules-of-netiquette.pdf.bshhsjdj
jasmenrojas249
 
49785682629390197565_LRN3014_Migrating_the_Beast.pdf
Abilash868456
 
Explanation about Structures in C language.pptx
Veeral Rathod
 
Teaching Reproducibility and Embracing Variability: From Floating-Point Exper...
University of Rennes, INSA Rennes, Inria/IRISA, CNRS
 
classification of computer and basic part of digital computer
ravisinghrajpurohit3
 

Hashicorp Tooling: Value, efficiency & security

  • 1. HashiCorp Tooling Value, Efficiency & Security contino.io
  • 2. INTRODUCTIONS Jordan Taylor DevOps Practitioner at Contino Specialise in automation, configuration management, cloud orchestration & CI/CD Favourite tools are Terraform, Docker and Vault
  • 4. THE WHY Avoid initial investment Cost savings Flexibility Scalability User control Speed of deployment Out-of-the-box security and monitoring
  • 5. THE HOW MAGIC Otherwise known as: ● Infrastructure as Code ● Use of Cloud orchestration tools Enabling: ● Cloud deployments in a single command ● Auto-scaling ● Uncomplicated deploy processes ● AUTOMATION
  • 6. Company based in San Francisco Insecure Systems Constrained ResourcesComplex WorkflowsManual Process Effectively solve development, operations and security challenges such as: Allowing for focus on business-critical tasks
  • 7. VAGRANT PACKER TERRAFORM SERF NOMAD VAULT OTTOCONSUL
  • 8. AGENDA Packer Terraform Use case: Taking a leading UK retailer into the Cloud with Packer and Terraform Vault
  • 9. PACKER Create images for an array of platforms all from a single source configuration.
  • 10. WHY ADOPT PACKER? ● Templated image builds ● Store templates in source control ● Pre-bake and pre-configure images ● Provide developers with SDKs in images ● Little engineer upskilling required
  • 11. PACKER: TECHNICAL FUNCTIONALITY Build temporary cloud instance Provision and configure it according to the template Snapshot it Abstraction of cloud provider API manipulation
  • 13. PACKER BEST PRACTICES 1. Directory structure 2. Image naming convention
  • 14. TERRAFORM Allows the creation, combination and management of infrastructure resources across multiple providers.
  • 15. WHY ADOPT TERRAFORM? ● Infrastructure as Code ● Store templated infrastructure in source control ● Provide on-demand infrastructural flexibility ● Little engineer upskilling required ● Simple move to the cloud
  • 16. TERRAFORM TECHNICAL FUNCTIONALITY Write Terraform templates Execute ‘terraform plan’ Execute ‘terraform apply’ Resources deployed & state stored ● Abstraction of a cloud provider’s API, templated as code ● Store and manipulate the state of your infrastructure via metadata
  • 18. TERRAFORM BEST PRACTICES 1. Store and share state wisely 2. Directory structure is key
  • 19. CONSIDER TERRAFORM ENTERPRISE ● Remote Terraform plans, applies, and locks ● Change management and access control policies ● GitHub integration ● Remote state storage ● Artifact registry ● Notifications ● Auditing ● Rollback State
  • 20. Taking a Leading UK Retailer into the Cloud Client requirements: ● Equip workforce with the ability to move into the cloud ● Provide a template cloud architecture to move new teams/projects into the cloud ● Get rid of inflexible, long-life, isolated environments ● Scrap complex deployment processes and methodologies
  • 21. DELIVERABLES ● Templated AWS architecture designed and implemented ● Essentials training to large audiences, encouraging adoption of new tools ● Key engineers upskilled to train internally ● A project team moved into the cloud
  • 22. OUTCOMES ● Orchestrating infrastructure into the cloud with Terraform ● Deploying resources into AWS using Terraform, via Jenkins ● Creating pre-provisioned images with Packer ● Demonstrating configuration management capability with Chef ● Storing all Infrastructure as Code in Github ● Ready to upskill internally
  • 23. EQUIP YOUR ORGANISATION WITH CLOUD CAPABILITY Contino Cloud Enablement Package: ● AWS Essentials (2 day) ● Chef Essentials (1 days) ● Packer & Terraform Essentials (1 day) ● Terraform Intermediate (1 day) http://contino.io/resources/
  • 24. VAULT Secret management system by Hashicorp Secure storage Dynamic Secrets Leases Auditing Secure Infrastructure Automation
  • 25. VALUE OF VAULT Pre-Vault = secret sprawl, decentralised keys, limited visibility, poorly-defined ‘break-glass’ procedures Post-Vault = single secret source, pragmatic access, operational access, practical security
  • 26. VAULT COMPONENTS Storage backend - Encrypted Vault data storage Secret backend - Encrypted secret store Audit backend - Log all interactions with Vault Auth backend - Authenticate users to access Vault
  • 27. INTERACTING WITH VAULT Server - HTTP API, manages interaction Vault token - similar to session cookie, post-authorisation secret access Barrier - All data transitions are encrypted, in and out
  • 28. INTERACTING WITH VAULT Begin unsealing process Gather shared key holders Form master key Unseal vault Access secrets with Vault
  • 30. VAULT ENTERPRISE ● 24x7x365 Phone and email support ● Hardware Security Module (HSM) integration AUDITS ● Vault's 0.5 audited by iSEC
  • 31. EQUIP YOUR ORGANISATION WITH VAULT http://contino.io/resources/ Vault Essentials (1 day) ● How Vault works ● How to set-up and implement Vault ● How to store and manage secrets with Vault ● How to secure applications with Vault
  • 32. VALUE, EFFICIENCY & SECURITY ● Security with Vault ● Efficiency with Packer & Terraform ● Value with moving your organisation into the cloud swiftly, effectively and securely
  • 33. USEFUL LINKS Packer documentation: https://www.packer.io/docs/ Terraform documentation: https://www.terraform.io/docs/index.html Vault documentation: https://www.vaultproject.io/docs/index.html Contino offerings: http://contino.io/resources/
  • 34. CONTINO OVERVIEW We help Enterprise organisations transform their software delivery engines. We do this by delivering on key strategic technology initiatives whilst also upskilling our clients workforce and supporting the development of a more vibrant engineering culture. ▪ Transform how you work with enterprise DevOps and Continuous Delivery ▪ Transform your infrastructure with Cloud ▪ Transform your application delivery with Containers ▪ Transform your enterprise architecture with Microservices Based on our engagements with many global enterprise clients, we have developed significant IP in how to transform to DevOps and adopt the associated technology stacks within an enterprise setting.
  • 35. SOME OF OUR CLIENTS
  • 37. NEED HELP? GET IN TOUCH Achieving value, efficiency and security may not be so difficult… Call us: 0203 227 0961 Email us: [email protected] Our offerings: contino.io/resources