• Vault and TFE - Fun with Dynamic Secrets for GCP

    (12 May 2020)
    One topic that always comes up is how to handle GCP Service Account keys. What are they, what do they have access to, how do we manage them, and so forth. It is always a sensitive subject due to the risks associated if not appropriately handled. This post is a look at how we can use Vault's GCP Secrets Engine to dynamically generate service account keys and provide a central location to manage key rotation, and what access is granted with that key.
  • Configuring HashiCorp Vault to Generate Dynamic PostgreSQL Credentials

    (20 Sep 2019)
    Configure HashiCorp Vault to generate a set of dynamic PostgreSQL credentials.