MuleSoft_Meetup_#6_Chandigarh_April_2021

•Download as PPTX, PDF•

1 like•311 views

This document provides an agenda and overview for a virtual meetup on Hashicorp Vault. The meetup will include introductions by the organizers and sponsor, an introduction to Vault including its features and use cases, a demo, and Q&A. The speaker will discuss using Vault with MuleSoft and show how to store and retrieve credentials from Vault.

Technology

11 April 2021
Chandigarh MuleSoft Meetup Group
Hashicorp Vault

2
Guidelines for our Virtual Meetup
1. You can write down your questions in the chat during the session.
2. Once we are done with the day, don’t forget to provide your
valuable feedback.

3
●About the organizers:
○ Suresh Rathore
○ Lalit Panwar
○ Ajay Rana
Introductions
A SHOW OF HANDS:
Who is new to this Meetup?
●About the sponsor:
○ MuleSoft

4
About the speaker:
● Working as Solution Consultant with Apisero
● Mulesoft Certified Developer

5
● Introduction to Vault
● Features of Vault
● Hashicorp Vault with MuleSoft
● Use cases
● Demo
● Q&A
Agenda

7
● Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control
access to, such as API keys, passwords, or certificates.
● Vault provides a unified interface to any secret, while providing tight access control and
recording a detailed audit log.
● A modern system requires access to a multitude of secrets: database credentials, API keys for
external services, credentials for service-oriented architecture communication, etc.
● Understanding who is accessing what secrets is already very difficult and platform-specific.
● Adding on key rolling, secure storage, and detailed audit logs is almost impossible without a
custom solution. This is where Vault steps in.
Introduction

8
● Secure Secret Storage (in-memory, Consul, file, and more)
● Dynamic Secrets
● Data Encryption Leasing and Renewal
● Revocation
● Auditing
● Multiple Client Authentication Methods
Features

Seal / Unseal
● When a Vault server is started, it starts in a sealed state. In this state, Vault is configured to
know where and how to access the physical storage, but doesn't know how to decrypt any of
it.
● Unsealing is the process of obtaining the plaintext master key necessary to read the
decryption key to decrypt the data, allowing access to the Vault.
● Prior to unsealing, almost no operations are possible with Vault. For example authentication,
managing the mount tables, etc. are all not possible. The only possible operations are to
unseal the Vault and check the status of the seal.
9

Commands
● vault server -dev
● vault -h
● vault secrets enable -path=<path> <engine>
● vault kv put <engine>/<path> <key>=<value>
● vault kv patch <engine>/<path> <key>=<value>
● vault kv delete <engine>/<path>
● vault secrets list
● vault token create
● vault login <token>
● vault kv put <engine_name>/<path> @<filename.json>
10

APIs
Retrieve Secret using API
● curl --location --request GET 'localhost:8200/<api_version>/<engine>/data/<path>'
--header 'X-Vault-Token: <token>'
● curl --location --request GET 'localhost:8200/v1/kv/data/salesforce/credentials'
--header 'X-Vault-Token: s.gup8UFzTiFHv0f4MO8K0cEiW'
11

Use Case 1 : Vault Properties Connector
● Store credentials in vault
● Configure Vault Properties Connector
● Configure Credentials in Salesforce Connector
● Flow to fetch Account object record
12

Use case 2 : Cache Credentials
● Store Credentials in Vault
● Fetch Credentials from Vault and Cache
● Configure Credentials in Salesforce Connector
● Flow to fetch Account object record
13

Further Resources
● Vault:
https://www.vaultproject.io/docs/what-is-vault
https://www.vaultproject.io/api-docs
● Vault Mule 4 Connector:
https://github.com/avioconsulting/mule-vault-properties-provider

19
● Share:
○ Tweet your pictures or posts using the hashtag #MuleSoftMeetups
○ Invite your network to join: https://meetups.mulesoft.com/chandigarh/
● Feedback:
○ Fill out the survey feedback and suggest topics for upcoming events
○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program
It always seems impossible until it is done - NELSON MANDELA
What’s next?

What's hot

MuleSoft Surat Live Demonstration Virtual Meetup#3 - Building JWT OAuth 2.0 C...

Jitendra Bafna

MuleSoft Surat Live Demonstration Virtual Meetup#5 - Salesforce Composite Con...

Jitendra Bafna

Meetup presentation-june26

Karthik Venkata T

MuleSoft meetup__houston #13

Jim Andrews

Nagpur Mulesoft Meetup on CICD using Jenkins

pqrs1234

MuleSoft Meetup Bangalore - March 6 2021

Nagaraju K R

Kochi Mulesoft Meetup #4

sumitahuja94

Mumbai MuleSoft Meetup #17 - GraphQL

Akshata Sawant

Mulesoftmeetup Thiruvanathapuram #4

Anurag Dwivedi

MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...

Jitendra Bafna

MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...

Jitendra Bafna

Indore mule soft meetup 3

Kirti Gurjar

MuleSoft Surat Virtual Meetup#6 - MuleSoft API Led Connectivity, SEDA and MUn...

Jitendra Bafna

MuleSoft CloudHub API Versioning

Patryk Bandurski

Indianapolis mulesoft meetup_sep_11_2021

ikram_ahamed

MuleSoft Surat Virtual Meetup#7 - JSON Logger and Common Error Handling With ...

Jitendra Bafna

MuleSoft Surat Virtual Meetup#3 - Anypoint Custom Policies, API Manager (Prox...

Jitendra Bafna

Meetup - Automate your project lifecycle using MuleSoft and Azure DevOps

Renato de Oliveira

Baltimore july2021 final

ManjuKumara GH

Power of LWC + Mulesoft

NeerajKumar1965

What's hot (20)

MuleSoft Surat Live Demonstration Virtual Meetup#3 - Building JWT OAuth 2.0 C...

MuleSoft Surat Live Demonstration Virtual Meetup#5 - Salesforce Composite Con...

Meetup presentation-june26

MuleSoft meetup__houston #13

Nagpur Mulesoft Meetup on CICD using Jenkins

MuleSoft Meetup Bangalore - March 6 2021

Kochi Mulesoft Meetup #4

Mumbai MuleSoft Meetup #17 - GraphQL

Mulesoftmeetup Thiruvanathapuram #4

MuleSoft Surat Virtual Meetup#21 - MuleSoft API and RAML Design Best Practice...

MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...

Indore mule soft meetup 3

MuleSoft Surat Virtual Meetup#6 - MuleSoft API Led Connectivity, SEDA and MUn...

MuleSoft CloudHub API Versioning

Indianapolis mulesoft meetup_sep_11_2021

MuleSoft Surat Virtual Meetup#7 - JSON Logger and Common Error Handling With ...

MuleSoft Surat Virtual Meetup#3 - Anypoint Custom Policies, API Manager (Prox...

Meetup - Automate your project lifecycle using MuleSoft and Azure DevOps

Baltimore july2021 final

Power of LWC + Mulesoft

Similar to MuleSoft_Meetup_#6_Chandigarh_April_2021

Introducing Vault

Ramit Surana

Issuing temporary credentials for my sql using hashicorp vault

OlinData

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018

HashiCorp

Managing secrets in a distributed cloud world requires a new approach to security. Applications and systems are now frequently created and destroyed. The network between distributed clouds, applications, and systems is low-trust, furthering the complexities of secrets sprawl. So, what is the solution? HashiCorp Vault seeks to solve the problem of secret sprawl by centralizing secrets management in a scalable, repeatable workflow to be able to create, manage, and revoke secrets as needed. Watch this webinar to learn: - How Vault addresses today’s security threats - How security teams can use Vault to store and manage all their secrets across their private and public infrastructure, globally. - How Adobe reduced secret sprawl, increased operational performance of a key security process, and processes 100 trillion transactions with Vault For full webinar recording: https://hashicorp.com/resources/eliminating-secret-sprawl-in-the-cloud

HashiCorp Vault configuration as code via HashiCorp Terraform- stories from t...

Andrey Devyatkin

OpenStack Toronto Meetup - Keystone 101

Steve Martinelli

Mastering Secrets Management in Rundeck

Rundeck

Secure IT infrastructure is well protected by access keys, passwords, and other credentials. Admins need these secrets to gain access, as does any automation executed by Rundeck. Rundeck has rich support for secrets management with native key storage, as well as integrations with best-of-breed standardized solutions. In this webinar, we’ll cover best practices for working with Rundeck’s runbook automation platform in securing IT infrastructure. We’ll explore the secrets management options in Rundeck and we’ll highlight a new plugin with Thycotic Secret Server for Privileged Access Management. In this webinar, we will demonstrate: How Rundeck works with underlying secrets of the systems it manages New Rundeck plugins that allow users to protect privileged accounts with enterprise-grade, privileged access management solutions How you can use Rundeck plugins with HashiCorp Vault, Thycotic, and CyberArk as keys for jobs and other Rundeck configurations

DerbyCon2016 - Hacking SQL Server on Scale with PowerShell

Scott Sutherland

This presentation will provide an overview of common SQL Server discovery, privilege escalation, persistence, and data targeting techniques. Techniques will be shared for escalating privileges on SQL Server and associated Active Directory domains. Finally we?ll show how PowerShell automation can be used to execute the SQL Server attacks on scale. All scripts created and demonstrated during the presentation will be open sourced. This should be useful to penetration testers and system administrators trying to gain a better understanding of their SQL Server attack surface and how it can be exploited.

Managing secrets at scale

Alex Schoof

Slides from "Managing Secrets at scale" at Velocity EU 2015 Secrets come in many shapes and sizes: database API keys, database passwords, private keys. Distributing and managing these secrets is usually an afterthought. It's hard to get right, and can be very expensive if you get it wrong. In this session, we'll look at the core operations and properties that make up a good secret management system, and how these principals can be implemented

Managing your secrets in a cloud environment

Taswar Bhatti

TW SEAT - DevOps: Security 干我何事？

smalltown

Vault 1.1: Secret Caching with Vault Agent and Other New Features

Mitchell Pronschinske

Since its first release in 2015, HashiCorp Vault has grown from a place to keep secrets to a platform that provides comprehensive secrets management, encryption as a service, and identity-based security for some of the largest organizations in the world. While Vault 1.0 saw auto-unseal become open source and introduced batch tokens improved performance, feature completeness, and enterprise readiness, Vault 1.1 focuses on building workflow enablement and increasing scaling and operations.

Go Hack Yourself - 10 Pen Test Tactics for Blue Teamers

jasonjfrank

XP Days 2019: First secret delivery for modern cloud-native applications

Vlad Fedosov

In this talk we’ll see how Authentication and Secrets delivery work in distributed containerized applications from the inside. We’ll start from the theory of security and will go through the topics like Container Auth Role, Static & Dynamic secrets, Env vars/volumes for secret delivery, Vault & K8S secrets. After this talk you’ll get an understanding how to securely deploy your containerized workloads.

Tatu: ssh as a service

Pino deCandia

Growing HashiCorp Vault at Hootsuite

JAmes Atwill

OpenStack KeystoneDeepti Ramakrishna

FIWARE Wednesday Webinars - How to Secure IoT Devices

FIWARE

FIWARE Wednesday Webinar - How to Secure IoT Devices (22nd April 2020) Corresponding webinar recording: https://youtu.be/_87IZhrYo3U Live coding session and commentary, demonstrating various techniques and methods for securing the interactions between Devices, IoT Agents and the Context Broker Chapter: Security Difficulty: 3 Audience: Any Technical Presenter: Jason Fox (Senior Technical Evangelist, FIWARE Foundation)

Kubernetes Secrets Management on Production with Demo

Opsta

Securing Your Resources with Short-Lived Certificates!

All Things Open

Securing Microservices using Play and Akka HTTP

Rafal Gancarz

Going down the microservices route makes a lot of things around creating and maintaining large systems easier but it comes at a cost too, particularly associated with challenges around security. While securing monolithic applications was a relatively well understood area, the same can't be said about microservice based architectures. This presentation covers how implementing microservices affects the security of distributed systems, outlines pros and cons of several standards and common practices and offers practical suggestions for securing microservice based systems using Play and Akka HTTP.

Similar to MuleSoft_Meetup_#6_Chandigarh_April_2021 (20)

Introducing Vault

Issuing temporary credentials for my sql using hashicorp vault

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018

HashiCorp Vault configuration as code via HashiCorp Terraform- stories from t...

OpenStack Toronto Meetup - Keystone 101

Mastering Secrets Management in Rundeck

DerbyCon2016 - Hacking SQL Server on Scale with PowerShell

Managing secrets at scale

Managing your secrets in a cloud environment

TW SEAT - DevOps: Security 干我何事？

Vault 1.1: Secret Caching with Vault Agent and Other New Features

Go Hack Yourself - 10 Pen Test Tactics for Blue Teamers

XP Days 2019: First secret delivery for modern cloud-native applications

Tatu: ssh as a service

Growing HashiCorp Vault at Hootsuite

OpenStack Keystone

FIWARE Wednesday Webinars - How to Secure IoT Devices

Kubernetes Secrets Management on Production with Demo

Securing Your Resources with Short-Lived Certificates!

Securing Microservices using Play and Akka HTTP

Recently uploaded

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Abida Shariff

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Bits & Pixels using AI for Good.........

Alison B. Lowndes

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Knowledge engineering: from people to machines and back

Elena Simperl

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Recently uploaded (20)

The Art of the Pitch: WordPress Relationships and Sales

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

UiPath Test Automation using UiPath Test Suite series, part 4

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Neuro-symbolic is not enough, we need neuro-*semantic*

Leading Change strategies and insights for effective change management pdf 1.pdf

FIDO Alliance Osaka Seminar: Overview.pdf

Epistemic Interaction - tuning interfaces to provide information for AI support

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Bits & Pixels using AI for Good.........

ODC, Data Fabric and Architecture User Group

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

GraphRAG is All You need? LLM & Knowledge Graph

Knowledge engineering: from people to machines and back

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Essentials of Automations: Optimizing FME Workflows with Parameters

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

MuleSoft_Meetup_#6_Chandigarh_April_2021

1. 11 April 2021 Chandigarh MuleSoft Meetup Group Hashicorp Vault

2. 2 Guidelines for our Virtual Meetup 1. You can write down your questions in the chat during the session. 2. Once we are done with the day, don’t forget to provide your valuable feedback.

3. 3 ●About the organizers: ○ Suresh Rathore ○ Lalit Panwar ○ Ajay Rana Introductions A SHOW OF HANDS: Who is new to this Meetup? ●About the sponsor: ○ MuleSoft

4. 4 About the speaker: ● Working as Solution Consultant with Apisero ● Mulesoft Certified Developer

5. 5 ● Introduction to Vault ● Features of Vault ● Hashicorp Vault with MuleSoft ● Use cases ● Demo ● Q&A Agenda

6. Credential Manager Hashicorp Vault

7. 7 ● Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, or certificates. ● Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log. ● A modern system requires access to a multitude of secrets: database credentials, API keys for external services, credentials for service-oriented architecture communication, etc. ● Understanding who is accessing what secrets is already very difficult and platform-specific. ● Adding on key rolling, secure storage, and detailed audit logs is almost impossible without a custom solution. This is where Vault steps in. Introduction

8. 8 ● Secure Secret Storage (in-memory, Consul, file, and more) ● Dynamic Secrets ● Data Encryption Leasing and Renewal ● Revocation ● Auditing ● Multiple Client Authentication Methods Features

9. Seal / Unseal ● When a Vault server is started, it starts in a sealed state. In this state, Vault is configured to know where and how to access the physical storage, but doesn't know how to decrypt any of it. ● Unsealing is the process of obtaining the plaintext master key necessary to read the decryption key to decrypt the data, allowing access to the Vault. ● Prior to unsealing, almost no operations are possible with Vault. For example authentication, managing the mount tables, etc. are all not possible. The only possible operations are to unseal the Vault and check the status of the seal. 9

10. Commands ● vault server -dev ● vault -h ● vault secrets enable -path=<path> <engine> ● vault kv put <engine>/<path> <key>=<value> ● vault kv patch <engine>/<path> <key>=<value> ● vault kv delete <engine>/<path> ● vault secrets list ● vault token create ● vault login <token> ● vault kv put <engine_name>/<path> @<filename.json> 10

11. APIs Retrieve Secret using API ● curl --location --request GET 'localhost:8200/<api_version>/<engine>/data/<path>' --header 'X-Vault-Token: <token>' ● curl --location --request GET 'localhost:8200/v1/kv/data/salesforce/credentials' --header 'X-Vault-Token: s.gup8UFzTiFHv0f4MO8K0cEiW' 11

12. Use Case 1 : Vault Properties Connector ● Store credentials in vault ● Configure Vault Properties Connector ● Configure Credentials in Salesforce Connector ● Flow to fetch Account object record 12

13. Use case 2 : Cache Credentials ● Store Credentials in Vault ● Fetch Credentials from Vault and Cache ● Configure Credentials in Salesforce Connector ● Flow to fetch Account object record 13

14.

15. Q&A

16. Further Resources

17. Further Resources ● Vault: https://www.vaultproject.io/docs/what-is-vault https://www.vaultproject.io/api-docs ● Vault Mule 4 Connector: https://github.com/avioconsulting/mule-vault-properties-provider

18. Trivia Questions

19. 19 ● Share: ○ Tweet your pictures or posts using the hashtag #MuleSoftMeetups ○ Invite your network to join: https://meetups.mulesoft.com/chandigarh/ ● Feedback: ○ Fill out the survey feedback and suggest topics for upcoming events ○ Contact MuleSoft at meetups@mulesoft.com for ways to improve the program It always seems impossible until it is done - NELSON MANDELA What’s next?

20. Thank you

MuleSoft_Meetup_#6_Chandigarh_April_2021

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to MuleSoft_Meetup_#6_Chandigarh_April_2021

Similar to MuleSoft_Meetup_#6_Chandigarh_April_2021 (20)

Recently uploaded

Recently uploaded (20)

MuleSoft_Meetup_#6_Chandigarh_April_2021