Posted on

Migrating Secrets Using HashiCorp Vault and Safe CLI

Vault and Safe

Vault is a secret management service by HashiCorp. It is a tool that will help you in storing secrets (API keys, passwords, etc.) and accessing them securely. You can use Vault with a user interface as well as through CLI. 

In this post, we will not be going deep into what Vault is, but instead, will look at how we can migrate secrets from one Vault to another. We can migrate secrets from Vault using Vault CLI, but it can get a little complicated to do so. Therefore, to make things easy, we will use Safe CLI, which is a wrapper around Vault. It will help us in managing and migrating our secrets by using simple commands. It also helps us connect to different vault instances very quickly for migration purposes.

Posted on

Encryption Key Lifecycle Management: Tools and Best Practices

A data protection strategy is only as good as the encryption key security used. A robust cybersecurity management plan helps keep sensitive data protected and prevents data breaches. Implementing good practices and centralized tools helps effectively manage encryption key lifecycles, providing better regulatory compliance and overall security.

Encryption Key Lifecycle Management: Best Practices

Ensuring the security of cryptographic keys, tokens, and secrets involves different lifecycle management strategies and cybersecurity knowledge. Listed below are ten tips to keep your encryption keys safe and efficient.

Posted on

Externalizing Your Configurations With Vault for Scalable Deployments

Table of Contents:

  • Introduction
    1. The Solution
  • Setting Up Vault
    1. Creating API Admin Policy
    2. Creating Read-Only user policy
    3. Creating Token attached with API read-only policy
  • 1. Linux Shell Integration
  • 2. Java Integration
  • 3. Python Integration
  • 4. Nodejs Integration
  • 5. Ansible Integration
  • Conclusion

Introduction:

To implement automation for microservices or applications deployed to a large number of systems, it becomes essential to externalize the configurations to a secure, scalable, centralized configuration store. This is necessary to be able to deploy the application in multiple environments with environment-specific parameters without requiring human intervention and without requiring modification to the core application during automated deployments, scaling, and failover recoveries.

Besides the fact that manually managed configurations involve the risk of human error, they are also not scalable for 24x7 large-scale deployments, particularly when we are deploying several instances of microservices across various infrastructure platforms.

Posted on

HashiCorp Is Becoming an Important Part of Spring Cloud (Part 1)

As we all know the Cloud-based systems are becoming the most popular architecture in the software engineering world, and the most famous and beloved Cloud platform among developers is Spring Cloud.

Spring Cloud has some important features which are given in the following parts and the feature part does a specific job:

Posted on

Look, Ma! No Pods!

Introduction

Release Automation is the cornerstone of modern Software Delivery. Well-established CI/CD pipelines are fundamental to every organization that wants to embrace DevOps/GitOps methodologies in order to achieve:

  • Frequent, rapid release cycles.
  • Fully automated deployment and rollback based on deployment strategies (Rolling Updates, Canary Releases, Blue/Green deployment).
  • Continuous-integration with automated testing.
  • More resources devoted to automated testing than manual testing.

The benefits of CI/CD for businesses undoubtedly should be the first priority no matter what kind of 'Agile' or other methodology is used for project management. Articles like Benefits of Continuous Integration for Businesses and IT Teams or Why the World Needs CI/CD, explain the importance for all stakeholders.