Implementing a safe and auditable access to customer instances of your SaaS for the support staff with HashiCorp Vault
- Track: Identity and Access Management devroom
- Room: UD2.119
- Day: Saturday
- Start: 13:35
- End: 14:05
SaaS are for a lot of us an unavoidable part of our day to day workflows. Unfortunately, sometimes things goes wrong and you need an hand from the support team to get you back on track.
This talk will explore how, as a SaaS provider, you can implement an access to independent customer instances for your support staff and guarantee accountability and auditability using only free software tools like HashiCorp Vault.
A rough outline of the talk would be: * Challenges of doing support as a SaaS provider in terms of access management * Evaluation of solutions and their shortcoming * Introduction to the secret manager tool HashiCorp Vault * Implementation of a solution that guarantee accountability and auditability. There will be a bit of PKI and Golang. * Live demo using the myTuleap cloud service as an example
Speakers
Thomas Gerbet |