Time: 15:30 - 16:20
Room: Ft. Worth 1
In a dynamic infrastructure world, let's stop pretending credentials aren't public knowledge in an organization and just assume that they already have, now what? This security focused talk will include:
) A demo of a dynamic credential system integrating applications and PostgreSQL administrators with Vault (https://www.vaultproject.io/) ) A discussion of various risks and assessment for organizations who want to audit access to their databases ) Sample integration with .pgpass for administrators and developers ) Sample integration with applications that read their DB credentials from files and environment variables ) Various Best Practices tips and suggestions ) Q&A
Configs and examples will be available.