Session Name: Who’s Managing the Credentials for Your Data Infrastructure?
Whether you’re using a legacy system or a serverless framework, you’re using some sort of database. Are you using the same database credentials for your human users and your applications? This shared access poses a huge security risk. Leaked database credentials in the wrong hands can cause havoc. In this talk, I use Vault (an open-source secret management tool from HashiCorp) to make a case for dynamic secrets. After a brief overview of Vault, I explain how Vault can dynamically generate database credentials. I use a managed PostgreSQL service to demo the benefits of dynamic database credentials and use specific roles to limit access to certain tables. Audience key takeaways: 1. Awareness about secret sprawl and the risks with static credentials. 2. Open-source tools to manage access for data infrastructure. 3. Hands-on demo and learning resources so that the audience can secure their data infrastructure using dynamic credentials.
Dewan Ahmed is a Senior Developer Advocate at Aiven, a company that offers a fully managed, open-source cloud data platform. For the last eight years, Dewan has worked to solve DevOps and infrastructure problems for startups, enterprises, and governments. Starting his public speaking at a toastmaster in 2016, he has been speaking at tech conferences and meetups for the last five years. His work is fueled by a passion for open-source and deep respect for the tech community. Dewan writes about app/data infrastructure, developer advocacy, and his thoughts around a career in tech here: https://www.dewanahmed.com. Outside of work, he’s an advocate for underrepresented groups in tech and offers pro bono career coaching as his way of giving back.