サクサク読めて、
アプリ限定の機能も多数!
アプリで開く
●はてなブックマークって?
●アプリ・拡張の紹介
●ユーザー登録
●ログイン
●ログアウト
kiririmode
id:kiririmode
●
8,550
ブックマーク
●
-
お気に入り
●
-
お気に入られ
タグ
●すべて
●
*-users.jp
(6)
●
*architecture
(8)
●
*book
(298)
●
*business
(15)
●
*computer
(46)
●
*emacs
(191)
●
*enlightment
(10)
●
*environment
(157)
●
*event
(6)
●
*free
(12)
●
*google
(70)
●
*interview
(31)
●
*job
(24)
●
*knowledge
(9)
●
*life
(30)
●
*lifehack
(142)
●
*linux
(64)
●
*mac
(63)
●
*network
(105)
●
*news
(8)
●
*performance
(7)
●
*programming
(635)
●
*psychology
(6)
●
*reference
(33)
●
*security
(109)
●
*software
(282)
●
*specification
(9)
●
*tips
(203)
●
*unix
(30)
●
*webdesign
(14)
●
*webservice
(129)
●
*windows
(93)
●
*word
(12)
●
*あとで試す
(29)
●
*いい話
(7)
●
*ネタ
(25)
●
*仕事
(54)
●
*名言
(10)
●
*後で試す
(22)
●
*後で読む
(55)
●
*後で買う
(179)
●
*時事
(48)
●
*社会
(52)
●
12factorapp
(8)
●
2ch
(22)
●
2ちゃんねる
(7)
●
SICP
(9)
●
ad(7)
●
adr
(6)
●
affair
(8)
●
agile
(51)
●
ai(118)
●
air
(14)
●
ajax
(13)
●
algorithm
(25)
●
amazon
(14)
●
amplify
(6)
●
android
(9)
●
ansible
(9)
●
anyevent
(19)
●
anything
(6)
●
apache
(44)
●
api
(52)
●
apigateway
(11)
●
apollo
(14)
●
apple
(36)
●
appservice
(13)
●
appsync
(13)
●
arc
(7)
●
architecture
(29)
●
aurora
(10)
●
authentication
(16)
●
awesome
(11)
●
aws
(364)
●
azure
(107)
●
backup
(10)
●
bash
(15)
●
batch
(12)
●
bestpractice
(12)
●
bitcoin
(52)
●
blockchain
(12)
●
blog
(21)
●
book
(22)
●
boost
(6)
●
browser
(13)
●
business
(22)
●
c(21)
●
c++
(58)
●
cache
(19)
●
calendar
(11)
●
cassandra
(19)
●
catalyst
(7)
●
cd(17)
●
chef
(8)
●
chrome
(24)
●
ci(25)
●
classloader
(7)
●
cli
(6)
●
cloud
(20)
●
cloudfront
(18)
●
cloudwatch
(15)
●
cocoa
(7)
●
codepipeline
(15)
●
codereview
(7)
●
cognito
(14)
●
comet
(8)
●
command
(22)
●
communication
(16)
●
company
(26)
●
concurrent
(12)
●
config
(12)
●
connect
(26)
●
consul
(19)
●
container
(6)
●
cookie
(23)
●
cooking
(6)
●
copilot
(15)
●
copyright
(14)
●
coro
(8)
●
cpan
(80)
●
cpanm
(7)
●
cpu
(7)
●
cron
(8)
●
csrf
(6)
●
css
(32)
●
cygwin
(10)
●
daemontools
(7)
●
dankogai
(21)
●
datadog
(18)
●
datamodel
(15)
●
datetime
(11)
●
db(222)
●
dbi
(6)
●
dbic
(6)
●
debug
(25)
●
dena
(8)
●
design
(45)
●
designpattern
(7)
●
development
(18)
●
devops
(127)
●
di(11)
●
dkim
(13)
●
dns
(30)
●
docker
(82)
●
dropbox
(14)
●
dx(8)
●
dynamodb
(7)
●
e2e
(15)
●
earthquake
(15)
●
ebook
(9)
●
ec2
(6)
●
eclipse
(16)
●
economics
(7)
●
economy
(7)
●
ecr
(9)
●
ecs
(49)
●
electron
(13)
●
elisp
(12)
●
emacs
(20)
●
emobile
(6)
●
encode
(8)
●
english
(13)
●
epub
(7)
●
error
(6)
●
esxi
(7)
●
evernote
(7)
●
excel
(14)
●
extension
(77)
●
facebook
(10)
●
fam
(8)
●
fargate
(15)
●
featureflag
(7)
●
ffmpeg
(6)
●
filesystem
(16)
●
firefox
(135)
●
firelens
(7)
●
flash
(6)
●
fluentd
(25)
●
font
(17)
●
foursquare
(7)
●
framework
(7)
●
free
(28)
●
frontend
(6)
●
functions
(15)
●
game
(6)
●
gauche
(14)
●
gc(25)
●
gcc
(8)
●
gdb
(6)
●
gdpr
(6)
●
generics
(9)
●
git
(69)
●
git-flow
(7)
●
github
(71)
●
githubactions
(29)
●
githubcopilot
(9)
●
gitlab
(26)
●
gmail
(27)
●
go(21)
●
golang
(100)
●
google
(66)
●
google gears
(12)
●
gpt
(35)
●
graph
(8)
●
graphql
(35)
●
greasemonkey
(32)
●
growl
(9)
●
grpc
(39)
●
gtd
(11)
●
happi
(7)
●
haproxy
(13)
●
hasura
(6)
●
hatena
(50)
●
heap
(6)
●
hls
(8)
●
html
(23)
●
html5
(24)
●
http
(29)
●
httpclient
(12)
●
https
(7)
●
hyperv
(8)
●
iac
(6)
●
iam
(31)
●
ie(6)
●
iij
(26)
●
innodb
(6)
●
insidesales
(9)
●
interview
(6)
●
ios
(63)
●
ipad
(43)
●
iphone
(160)
●
ipod
(7)
●
iptables
(11)
●
iscsi
(10)
●
it(16)
●
itunes
(19)
●
java
(273)
●
javascript
(136)
●
jboss
(10)
●
jdbc
(12)
●
jenkins
(11)
●
jmeter
(11)
●
job
(22)
●
jobqueue
(11)
●
jq(6)
●
jquery
(20)
●
jsf
(11)
●
json
(10)
●
jvm
(26)
●
jwt
(11)
●
k8s
(48)
●
keepalive
(8)
●
kernel
(11)
●
kms
(9)
●
kvs
(24)
●
lambda
(65)
●
later
(6)
●
law
(44)
●
lb(11)
●
ldap
(8)
●
ldr
(16)
●
leadership
(9)
●
library
(6)
●
license
(35)
●
life
(11)
●
lifehack
(11)
●
lifehacks
(12)
●
lint
(18)
●
linux
(60)
●
lion
(7)
●
lisp
(10)
●
livedoor
(7)
●
llm
(19)
●
lock
(8)
●
log
(24)
●
lvs
(7)
●
mac
(151)
●
mail
(49)
●
make
(8)
●
management
(109)
●
markdown
(10)
●
marketing
(6)
●
math
(12)
●
maven
(12)
●
memcached
(12)
●
memory
(16)
●
microservices
(20)
●
microsoft
(13)
●
mixi
(25)
●
mobile
(25)
●
mock
(16)
●
mod_jk
(6)
●
mod_rewrite
(6)
●
module
(13)
●
monitor
(7)
●
monitoring
(21)
●
moose
(6)
●
mq(13)
●
multitenancy
(7)
●
mvp
(13)
●
mysql
(69)
●
nat
(6)
●
network
(24)
●
news
(8)
●
nft
(6)
●
nginx
(9)
●
niconico
(15)
●
node
(15)
●
node.js
(29)
●
npm
(8)
●
ntp
(8)
●
nuclear
(8)
●
oauth
(36)
●
oauth2
(6)
●
objective-c
(7)
●
okr
(10)
●
oome
(7)
●
openapi
(6)
●
openid
(16)
●
openidconnect
(10)
●
operation
(6)
●
or(8)
●
oracle
(78)
●
organizations
(8)
●
orm
(10)
●
oss
(32)
●
owasp
(6)
●
pagination
(11)
●
passkey
(6)
●
pdf
(23)
●
pdm
(22)
●
performance
(41)
●
perl
(504)
●
perlbrew
(6)
●
physics
(9)
●
pinpoint
(8)
●
pipes
(10)
●
plack
(16)
●
plagger
(16)
●
plantuml
(7)
●
plenv
(6)
●
podcast
(7)
●
poe
(7)
●
politics
(10)
●
postgresql
(54)
●
powerpoint
(11)
●
powershell
(8)
●
presentation
(16)
●
prisma
(7)
●
process
(7)
●
productivity
(12)
●
profile
(7)
●
programming
(73)
●
prompt
(9)
●
protocolbuffer
(11)
●
prototyping
(10)
●
proxy
(14)
●
psgi
(6)
●
psychology
(14)
●
pubsubhubbub
(9)
●
pushnotification
(8)
●
python
(39)
●
quality
(10)
●
quicksight
(10)
●
rag
(29)
●
rails
(11)
●
rds
(19)
●
react
(44)
●
redis
(13)
●
redmine
(6)
●
redux
(9)
●
reference
(7)
●
reflection
(6)
●
regex
(7)
●
remember the milk
(11)
●
research
(15)
●
responsive
(9)
●
rest
(16)
●
rfc
(17)
●
rls
(10)
●
route53
(6)
●
rpc
(8)
●
rss
(6)
●
rtm
(15)
●
ruby
(46)
●
s3
(16)
●
saas
(12)
●
scansnap
(6)
●
scheme
(14)
●
screen
(19)
●
scrum
(41)
●
search
(9)
●
security
(94)
●
selenium
(6)
●
self-organization
(9)
●
sendgrid
(12)
●
serverless
(17)
●
serverlessframework
(9)
●
servicemesh
(6)
●
ses
(12)
●
shell
(21)
●
shellscript
(16)
●
si(19)
●
sier
(23)
●
skk
(8)
●
slack
(12)
●
snow
(11)
●
snowleopard
(9)
●
society
(24)
●
socks
(6)
●
software
(28)
●
spa
(7)
●
spf
(9)
●
spinnaker
(8)
●
spring
(12)
●
sql
(17)
●
ssh
(16)
●
ssl
(16)
●
ssm
(16)
●
startup
(142)
●
statistics
(27)
●
stepfunctions
(7)
●
stl
(9)
●
storage
(18)
●
struts
(7)
●
study
(6)
●
subversion
(14)
●
systemd
(10)
●
tcp
(22)
●
teams
(7)
●
template
(10)
●
terminal
(6)
●
terraform
(85)
●
test
(78)
●
textlint
(7)
●
thread
(13)
●
thunderbird
(6)
●
thunderbolt
(7)
●
tips
(40)
●
tmux
(6)
●
todo
(25)
●
tomcat
(17)
●
toodledo
(9)
●
tool
(42)
●
touch
(11)
●
transaction
(6)
●
travel
(6)
●
tuning
(7)
●
tv(7)
●
twilio
(7)
●
twitter
(47)
●
typescript
(32)
●
ubuntu
(7)
●
ui(27)
●
unicode
(15)
●
unity
(13)
●
unix
(17)
●
untagged
(187)
●
usb
(8)
●
ux(20)
●
vagrant
(8)
●
validation
(9)
●
vault
(8)
●
vc(8)
●
vimperator
(15)
●
virtualization
(24)
●
vmware
(13)
●
vpn
(8)
●
vscode
(23)
●
vsphere
(24)
●
wallpaper
(9)
●
web
(26)
●
web2.0
(8)
●
webapp
(9)
●
webdesign
(7)
●
webservice
(20)
●
websocket
(29)
●
websphere mq
(13)
●
wikipedia
(21)
●
windows
(41)
●
windows7
(7)
●
wireless
(7)
●
word
(7)
●
workspaces
(7)
●
wsl
(8)
●
xs(15)
●
yahoo
(9)
●
yapcasia
(15)
●
yapcasia2009
(15)
●
yapcasia2010
(17)
●
yapcasia2011
(11)
●
youtube
(17)
●
zsh
(12)
●
あとで読む
(29)
●
オープンソース
(7)
●
コマンド
(7)
●
ツール
(8)
●
ドキュメント
(8)
●
フリーソフト
(27)
●
仕事
(21)
●
仕事術
(37)
●
伊藤直也
(7)
●
名言
(8)
●
小飼弾
(22)
●
就職
(21)
●
後でやる
(18)
●
後で読む
(34)
●
後で買う
(38)
●
本
(44)
●
生き方
(23)
●
社会
(8)
●
自己啓発
(27)
●
*programming
(635)
●
perl
(504)
●
aws
(364)
●
*book
(298)
●
*software
(282)
●
java
(273)
●
db(222)
●
*tips
(203)
●
*emacs
(191)
●
untagged
(187)
関連タグで絞り込む (8)
●
aws
●
certificate
●
consul
●
gitlab
●
iam
●
license
●
ssh
●
terraform
タグの絞り込みを解除
vaultに関するkiririmodeのブックマーク (8)
●
9 users
●
github.com/openbao
●テクノロジー
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert
kiririmode
2023/12/10
●vault
●
24 users
●
www.hashicorp.com
●テクノロジー
TerraformInfrastructure as code provisioning
kiririmode
2023/08/14
●terraform
●vault
●license
●consul
●
1 user
●
medium.com/@jackalus
●テクノロジー
kiririmode
2022/02/07
●gitlab
●aws
●vault
●
1 user
●
christina04.hatenablog.com
●テクノロジー
概要 HashiCorp VaultにはDynamic Secretsという期限の付いた認証情報を動的に生成してパブリッククラウドやDBへのアクセスをセキュアに保つ仕組みが用意されています。 課題・背景 秘密情報とその周辺の認証を一元化し、適切な暗号化・Auditなどをしっかりしたとしても以下の課題が残っています。 鍵情報を用意してもローテーション運用が大変 退職者が出るたびにローテーションしなきゃいけない 鍵の共有化 影響範囲が分からず削除できない 漏洩しても誰が使ったのか分からない 起動時だけ秘密情報が必要なのに永続的にどこかに残すのがセキュアでない ログやクラッシュレポートに秘密情報が吐き出されてしまったり ref: https://www.hashicorp.com/blog/why-we-need-dynamic-secrets Dynamic Secretsはそれを解決するため
kiririmode
2019/08/13
●aws
●vault
●iam
●
1 user
●
developer.hashicorp.com
●テクノロジー
kiririmode
2019/08/13
●vault
●ssh
●certificate
●
5 users
●
christina04.hatenablog.com
●テクノロジー
背景 AWSを運用しているとEC2のsshのキーペア管理が難しいです。 GCPであればメタデータにsshキーを登録すれば自動で各VMにsshできる仕組みがありますが、AWSは各インスタンスにsshのキーペアを1つだけ登録するようになっているため、複数人で運用するにはぱっと以下の方法が浮かびます。 複数人でキーペアの秘密鍵を共有 authorized_keysに全員の公開鍵を登録 adduserで各メンバーのsshを設定 しかしそれぞれ問題があります。秘密鍵の共有はセキュリティ的に大きな問題がありますし、後の2つは起動時に設定するのが非常に手間です。 仮にLambdaなどで新規サーバに対して設定する処理を自動化しても、あとからジョインしたメンバーは別途対応しなくてはいけません。 そこでsshを公開鍵認証でなく、CA認証を使うことで複数のメンバーでも管理しやすくします。CA認証は以下の記事で
kiririmode
2019/08/13
●vault
●ssh
●
4 users
●
www.hashicorp.com
●テクノロジー
Sign up for freeGet started in minutes with our cloud products TerraformInfrastructure as code provisioning
kiririmode
2017/06/30
●aws
●consul
●vault
●
158 users
●
www.hashicorp.com
●テクノロジー
Today we announce Vault—a tool for securely managing secrets and encrypting data in-transit. From storing credentials and API keys to encrypting passwords for user signups, Vault is meant to be a solution for all secret management needs. A modern system requires access to a multitude of secrets: credentials for databases, API keys for external services, credentials for service-oriented architectur
kiririmode
2015/04/29
●vault
1
お知らせ
ランキング
今週のはてなブックマーク数ランキング︵2024年7月第3週︶
ランキング
今週のはてなブックマーク数ランキング︵2024年7月第2週︶
お知らせ
はてなブックマーク透明性レポート︵2024年2月-2024年4月︶
もっと読む
公式Twitter
●@HatenaBookmark
リリース、障害情報などのサービスのお知らせ
●@hatebu
最新の人気エントリーの配信
処理を実行中です
キーボードショートカット一覧
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
●総合
●一般
●世の中
●政治と経済
●暮らし
●学び
●テクノロジー
●エンタメ
●アニメとゲーム
●おもしろ
●アプリ・拡張機能
●開発ブログ
●ヘルプ
●お問い合わせ
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●ガイドライン
●利用規約
●プライバシーポリシー
●利用者情報の外部送信について
●公式アカウント
●ホットエントリー
●はてなブログ
●はてなブログPro
●人力検索はてな
●はてなブログ タグ
●はてなニュース
●ソレドコ
Copyright © 2005-2024 Hatena. All Rights Reserved.
設定を変更しましたx
GitHub - openbao/openbao: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
HashiCorp
Dynamic AWS Credentials in GitLab Pipelines with Hashicorp Vault
HashiCorp VaultのDynamic Secrets - Carpe Diem
Signed SSH Certificates - SSH - Secrets Engines | Vault | HashiCorp Developer
HashiCorp VaultでSSHをCA認証に - Carpe Diem
Consul and Vault on AWS: Quick Start Guides
HashiCorp Vault