When running a Kubernetes cluster, you may want to secure secrets outside the cluster. But how do you provide pods authenticated access to secrets stored in something like HashiCorp Vault? One possible solution comes from the Azure Kubernetes Service, which has the ability to use Azure Active Directory to authenticate running pods. In this talk, you will see how Vault can use Azure AD authentication to allow pods running on AKS to access secrets stored in Vault. First, we will walk through the setup of AKS with Pod Identity. Then we will deploy a Vault cluster and enable Azure authentication. Finally, we will deploy an application on the AKS cluster and retrieve a secret from the Vault cluster. By the end of the talk, you'll be ready to go out and implement this solution in your environment.
This talk was part of HashiTalks, an online event-A 24-hour continuous series of presentations from the worldwide HashiCorp User Group (HUG) community and from HashiCorp engineers as well.
Check out your local chapter or start a new one here: www.meetup.com/pro/hugs -
If you liked this video and want to see more from HashiCorp, subscribe to our channel: kzbin.info?s...
To learn more, visit our hands-on interactive lab environment, HashiCorp Learn: learn.hashicorp.com/
HashiCorp is the leader in multi-cloud infrastructure automation software. The HashiCorp software suite enables organizations to adopt consistent workflows to provision, secure, connect, and run any infrastructure for any application. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint are downloaded tens of millions of times each year and are broadly adopted by the Global 2000. Enterprise versions of these products enhance the open source tools with features that promote collaboration, operations, governance, and multi-data center functionality.
For more information, visit: www.hashicorp.com or follow us on social media:
Twitter: @hashicorp
LinkedIn: / hashicorp
Facebook: / hashicorp