Łukasz is a developer who likes to understand how things work under the hood. He is a core developer of hermes.allegro.tech, a message broker built on top of Apache Kafka. He works in a team who creates libraries and services improving Allegro microservices architecture.
Safe storing passwords and access control to them should be prioritized in every IT environment. During the presentation I will introduce Vault, an open source project written for this purpose. I will focus on two aspects of how Vault is used in Allegro infrastructure. For over a year it has been acting as an certificate office. Every single service running on Marahton receives certificate from Vault. Thanks to this, service can safely download its configuration and use communication over HTTPS. Recently, Vault also can provide “cryptography as a service” allowing for encryption and decryption of sensible data on the fly.