Martez Reed- 21 Apr, 2022
Enabling Cloud Workload Identity for vSphere Virtual Machines
One of the major benefits of using the public cloud is the integrated identity and access management (IAM). This simplifies the process of granting …
-
Martez Reed
- 01 Dec, 2021
HashiCorp Vault Unique AppRole Identity Logging
HashiCorp Vault supports several authentication methods for human and non-human access. Several of the non-human authentication methods are tied to …
-
Martez Reed
- 16 Feb, 2021
HashiCorp Vault vSphere Authentication with VMware Event Broker Appliance (VEBA)
HashiCorp Vault supports a number of authentication methods including methods that utilize what HashiCorp refers to as a “trusted …
-
Martez Reed
- 25 May, 2020
Identifying Active HashiCorp Vault Root Tokens
Revoking the root token on a production HashiCorp Vault deployment is one of the recommended best practices for securing an instance of HashiCorp …
-
Martez Reed
- 20 May, 2020
Detecting HashiCorp Vault Root Token Generation
HashiCorp Vault generates a default root token during installation and best practice dictates that the token should be revoked once the deployment has …
-
Martez Reed
- 09 Feb, 2020
Detecting HashiCorp Vault Root Login
Security of a HashiCorp Vault deployment is of paramount importance given the sensitive nature of the information contained within the platform. …
-
Martez Reed
- 04 Jun, 2019
HashiCorp Vault Policy Metrics
I gave a talk for HashiCorp’s HashiDays event earlier this year that centered around operational intelligence for HashiCorp Vault. The focus was …
-
Martez Reed
- 07 Aug, 2018
Vault Hardening Compliance using Chef InSpec
HashiCorp Vault is quickly becoming the defacto secrets management platform used in environments that rely on DevOps concepts for application …
-
Martez Reed
- 01 Feb, 2018
Vault Audit Logging
Vault (https://www.vaultproject.io/) is a secrets management tool created by HashiCorp that is extremely popular. Given the sensitive nature of the …