×

Developer Tharun's video: 18 ways to ATTACK a vault server Hashicorp Secure Vault Server Production hardening Tharun Shiv

@18 ways to ATTACK a vault server | Hashicorp ,Secure Vault Server Production hardening | Tharun Shiv
Hey there! Follow the podcast if you like the episode This is Tharun. In the Developer Tharun Podcast, I speak about Software Engineering Thank you for Listening In this Episode 1. Vault server production hardening Vault stores data in encrypted format. The encryption key that is being used to encrypt/decrypt the data is also stored along with rest of the data in the keyring. When a Vault server starts, it knows where the data resides through the configuration that we provide Vault with but doesn't know how to decrypt the encryption key that is present in the keyring along with the Vault encrypted data. Here comes the master key that is used to decrypt the encryption key which is also present alongside all other Vault data. This master key is also encrypted and we need a special key that can decrypt the master key, this key is known as Unseal key. The Unseal key is generated during the init process using an algorithm known as 'Shamir's secret sharing', where the unseal key is split into certain number of unseal keys 'X' and every time we want to unseal the Vault server we will need a certain number of unseal keys 'Y' and these 'X' and 'Y' values can be decided by the Vault architect when initializing the Vault server. The main intention of creating several unseal keys is to distribute these unseal keys among several stakeholders such that, a minimum number of stake holders are needed to unseal the server or perform major operations on the server. Policies help you create rules that define access to various secrets. We can create policies that allow certain level access like create access, update access, read access, delete access and so on. We then assign this policy to a particular authentication mechanism of a user. This user will have only those access mentioned in the policies attached to his credentials. This way, Vault makes sure that we provide minimal and only necessary access to Vault stakeholders. Thank you for listening to my Podcast. Follow my podcast if you find it helpful. Check out my other episodes. I talk about programming & software engineering. YouTube: https://youtube.com/c/developerTharun Blog Article on: https://tharunshiv.com Instagram: @developerTharun Dev.to: https://dev.to/developertharun Udemy: https://www.udemy.com/user/tharun-shiv/ LinkedIn: https://linkedin.com/in/tharunshiv

22

0
Developer Tharun
Subscribers
1.3K
Total Post
101
Total Views
57.7K
Avg. Views
0.9K
View Profile
This video was published on 2022-01-13 06:00:15 GMT by @Developer-Tharun on Youtube. Developer Tharun has total 1.3K subscribers on Youtube and has a total of 101 video.This video has received 22 Likes which are higher than the average likes that Developer Tharun gets . @Developer-Tharun receives an average views of 0.9K per video on Youtube.This video has received 0 comments which are lower than the average comments that Developer Tharun gets . Overall the views for this video was lower than the average for the profile.

Other post by @Developer Tharun

9 2
57 4
3 0
7 0
10 0
12 0
12 3
12 0
7 2
21 2
13 9
139 11
11 2
21 17
3 1
7 0
16 0
85 6
22 0
13 3
23 1
39 5
28 4
17 7
39 6
6 0
6 0
7 0
14 8
10 4
6 0
3 0
5 1
0 0
0 0
3 0
20 2
26 2
17 1
16 0
14 0
11 0
6 0
5 0
9 0
6 0
3 0
13 0
120 14
16 2
18 3
8 0

THE BEST MATCHMAKER IN TOWN

GURUGRAM HARYANA , INDIA

Copyright © 2024 ViralPitch. All Right Reserved.