2. — The gumption gap
— Humans orchestrating shared secrets
— HashiCorp Vault
— Automated root-password deployment
— Rotating application credentials
— A brief intro to me
What We’ll Talk About
— Rotating application SSL certificates
— Summary
3. Unix-OS C Developer
Automated UI Testing
Automated OS Builds
Linux Virtualised Containers
Auto-scaling architectures
1.0 Linux released
Google launched
Mac OS X 10.0 released
AWS launched
Ansible launched
My first “Hello World!” ZX80 released
Store-cards exploiting Big Data/ML
Motorbiked across Africa
Cycled Edinburgh/Istanbul
The London Years (banking)
Microsoft - Unix ‘Expert’
Git released
3D GPU DevOps
Built Global Messaging Platform
Automating/DevOps-ing
App/DB architecture tuning
1991
1980
1994
1998
2001
2005
2006
2012
Walked across Norway
Automating/DevOps-ing
Cycled Edinburgh/Sahara
Automating/DevOps-ing
A little about me…
4. “At my new job, I am shocked to find
plaintext secrets existing in documentation
that is accessible from anywhere on our network”
Expectation collides with reality
5. Security Best Practice
DevOps Reality
the
gumption*
gap
* initiative or courage: you haven’t the gumption to try [C18: originally Scottish]
The Gumption Gap
20. Repeatable, codified, security: 20 chars, rotate hourly, etc.
Automate the easy stuff first, build gumption.
Go spend time on more interesting stuff….
No credentials created/known by people.
@thisdougb/AnsibleFest2017@thisdougb
Summary