Dynamic Database Credentials by Sean Chittenden
Tuesday, November 15 at 4:40-5:35
In either bare metal or cloud environments, application hosts come and go automatically. If application hosts come and go dynamically, why should application usernames and passwords be static? In this session we will discuss the setup and use of Vault for securing the access from application hosts to PostgreSQL (both credentials and SSL certs) in a way that provides both revocability and auditability. This talk will include:
About the speaker
Sean Chittenden is a longtime user and administrator of PostgreSQL. Formerly an Architect for Groupon Production Operations, Sean now hails from HashiCorp where he is focused on security, high-availability, and the advancement of operational best practices for companies using open source tools. Sean is a long-time participant of the PostgreSQL and FreeBSD communities and a 15+ year veteran of large scale web infrastructure. Sean's notable recent projects pg_consul and designing and building Groupon's internal Database-as-a-Service offering.