View my previous post in the IoT Security Discussions series on What Is a Secure Element?
How to use HashiCorp’s Vault in embedded development?
HashiCorp Vault is an open-source secrets management tool that’s well known in the cloud DevOps world, but not so much in the embedded world. In this video, we go over the following use cases for Vault, and then announce that our product, the Quartermaster, runs HashiCorp’s Vault as an appliance to help bridge embedded development patterns into a more modern, secure DevOps world.
In this video Josh:
– Describes and introduces HashiCorp Vault.
– Shows how to use the Vault key/value store.
– Discusses how to use the Vault PKI engine to manage various embedded-focused certificates like those for secure boot, firmware signing, and encryption-as-a-service.
– Talks about using the Vault OpenSSH CA features vs. dropbear SSH.
– Advocates for using Vault in your CI build system, such as Jenkins or Docker, to obtain secrets securely at build time.
– Shows that all of the Vault demos were actually done on a Quartermaster on Josh’s desk. Mind blown.
– Outlines the two use cases for Vault on the Quartermaster vs. on a server. The first is for a team not wanting to maintain a cloud or hosted approach, and the second is an in-factory model where remote connections are not desired.
– Concludes by saying: hey, I said I’d do this video, hopefully you enjoyed it!