Recent

Vault (Part 4): Dynamic Secrets for Kubernetes Pods with External Secrets Operator
2387 words · 12 mins
This is Part 4 of the GitOps series. In Part 1, we bootstrapped Vault. In Part 2, we built our CI/CD pipeline. In Part 3, we finally killed the static kubeconfig.

Vault (Part 3): Secure Kubernetes Authentication with HashiCorp Vault OIDC
5171 words · 25 mins
This is Part 3 of the GitOps series. In Part 1, we bootstrapped Vault. In Part 2, we built the full CI/CD pipeline. Now, we’re solving the final, massive headache: getting secure, dynamic kubectl access.

Vault (Part 2): Secure On-Prem Automation with Ephemeral Runners and Tailscale
2226 words · 11 mins
This is Part 2 of the GitOps series. Part 1 covered bootstrapping and configuring HashiCorp Vault (the one-time terraform-admin work) and the design goals for Zero Trust secrets management.

