Keep It Secret, Keep It Safe: Credentials and Secrets Management on AWS

May 23, 2019

Are you hard coding credentials in your software? Do you have passwords you need to centrally manage, while maintaining access control? In this session you will learn the best ways of using the AWS platform to build applications with zero knowledge of the credentials that are used. AWS and Xero will talk about the various methods AWS gives you to ensure you can handle secret values with confidence using automation in a multi-account environment. From IAM Roles, to bearer tokens and automatically rotated secrets, we will walk through a real life application and show how easy it is to keep your secrets safe.

Speakers:
Rupert Bryant-Greene, Security Engineering, Xero
Maria Sokolova, Solutions Architect, Amazon Web Services

View slideshare »

Resources:

Previous Video

Security at Scale: Security Hub and the Well Architected Framework

In this session you will learn how to align your AWS environment to industry standard best practices for se...

Next Video

Automated Forensics and Incident Response on AWS

This session will show how Telstra uplifted their forensics and incident response capabilities by using AWS...

Keep It Secret, Keep It Safe: Credentials and Secrets Management on AWS

Previous Video

Next Video

Other Content in this stream

This session will explore how to use chatbots and AWS services to offload some of the most frequent calls to your service centre. Empower employees to manage their own accounts, passwords, and access.

The Australian Cyber Security Centre (ACSC) awarded PROTECTED certification to AWS for 42 cloud services in the AWS Asia-Pacific (Sydney) Region. This is the highest data security certification availa

Core banking and financial systems are moving into the cloud. This talk will focus on the strategy, the technology, and the review process that customers use to move their most important systems into

Security issues in your environment need to be identified and corrected faster than ever. AWS makes this easier with increased visibility and automated remediation capabilities. Australia Post will sh

The cloud enables every business to have enterprise grade security. You don't have to have a dedicated security team to have strong security in the cloud. You can enable your teams to move fast and ma

In this session you will learn how AWS Deep Learning can be used to automate security operations and build a machine learning system to protect your applications. This session focuses on early detecti

In this session you will learn how to align your AWS environment to industry standard best practices for security. This session covers AWS' prescriptive recommendations for securing cloud workloads, i

This session will show how Telstra uplifted their forensics and incident response capabilities by using AWS services and automation to deliver a scalable forensics platform. You will learn how to use

Atlassian runs a global SaaS platform where security and customer privacy are critical. This talk focuses on the solution they built using KMS and IAM to provide resilient cross-region encryption and