Securing Microservices with Vault
At Paddy Power Betfair we rely on OpenStack to manage our infrastructure. The CI/CD tooling backing up OpenStack processes about 1000 pipeline runs daily in all environments. Last year we focused on strengthening the security of our applications. To meet the high-security standards that our customers demand our whole infrastructure needed to be more secure. To that end, we’ve integrated Hashicorp’s Vault in our framework, secured our infrastructure CI/CD pipelines by using short-lived tokens throughout our estate. These are AppRole tokens specifically designed for microservices that can be used either at runtime or config management time.
The following presentation was held in July 2019 at #HashiConfEU Amsterdam. You can see the process and inner workings of secure microservices with Vault.
This was a tight collaboration of two of our departments: security – that handled the access control management in Vault and cloud platforms that handled the integration of Vault with our internal framework and tooling.