Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Henrik René Høegh
    @HenrikHoegh_twitter
    A running vault instance shouldn't be your single point of throuth. At least have a backup or better encrypted files from which you can recreate it from.
    Jacob Lärfors
    @jlarfors
    Really funny that my colleague has done something similar at his company, and I implemented something for fun over summer but never intended it to be production ready. I’d be interested in trying when the situation arises.
    One immediate use case I can see: when creating the infra where Vault will run (so you don’t have vault yet) it would be cool to spin up a temp vault instance that can be bootstrapped in this way, but used with packer/terraform/etc more as an API than long term secrets storage
    Andrey Devyatkin
    @Andrey9kin
    You can do DR cluster if you got Vault Enterprise or point in time recovery if using DynamoDB as a backend...
    So such script would be useful for people runnung on prem
    but usually people wiht infra on prem has money to spend and they might already have Vault Enterprise
    but if they don’t then it might be legit case for them
    Mattias Hemmingsson
    @mattiashem
    Cool i have a tool that convert values.yaml from helm to a json and then upload it to vault as a init state :-)
    Everyone has the same problem and solve it..
    Jacob Lärfors
    @jlarfors
    And all the solutions are quite different 😅welcome to “DevOps” 😆
    Andrey Devyatkin
    @Andrey9kin
    how often would you recreate vault secrets?
    Mattias Hemmingsson
    @mattiashem
    Its check if there are any secrets and if not its add them as a base. Then super simple for devs to edit a secret ...
    If they are to add s new its hars to get it correct ...
    Julien Bisconti
    @veggiemonk
    What do you think of this meshing of networking on k8s with wireguard ? https://www.youtube.com/watch?v=iPz_DAOOCKA
    project kilo: https://github.com/squat/kilo
    I was thinking of doing something like tailscale at home... Or have a VPN proxy server that can handle 1000Mbits/sec
    Andrey Devyatkin
    @Andrey9kin
    i think problems
    you define the problem and then start to think solutions
    Julien Bisconti
    @veggiemonk
    This is old but gold: https://www.youtube.com/watch?v=D7LgjSOWCxg. IPTables Tips and Tricks: More Than Just ACCEPT or DROP
    Andrey Devyatkin
    @Andrey9kin
    https://twitter.com/mohapatrahemant/status/1343969802080030720?s=21
    why GCP lost to Azure^
    Julien Bisconti
    @veggiemonk
    Awesome!
    Andrey Devyatkin
    @Andrey9kin
    Chrome extrension to hide all i-passed-certification posts by Anton https://github.com/antonbabenko/you-have-passed-the-certification
    Jacob Lärfors
    @jlarfors
    Haha, nice of Anton to make such a useful plugin :)
    Julien Bisconti
    @veggiemonk
    https://www.theregister.com/2021/02/03/google_q4_2020/
    Google's cloud services lost $14.6bn over three years – and CEO Sundar Pichai likes that trajectory
    bilbonl
    @bilbonl
    Hi, wanted to suggest discussion in your podcast around this blog - https://www.openappsec.io/post/perspective-on-forrester-waf-vendors-wave