Speaker

Rob Barnes

Rob Barnes

Senior Developer Advocate, HashiCorp

Robert, also known as DevOps Rob, is a Senior Developer Advocate at HashiCorp. His focus is primarily on Cloud security. He comes from a Network engineering background and more recently in his career, he has been working as a Cloud Consultant, helping customers extract maximum value from the Cloud. His experience spans across multiple sectors, from Banking and Fintech to Transport, Charities and Cyber Security. He is a strong advocate for open source, security best practices and building diverse Communities.

Encrypting Kafka messages at rest to secure applications

Whilst Kafka has the ability to encrypt data in transit, it does not have the functionality out of the box to encrypt data at rest. This places the responsibility of encryption of data placed on message queues on developers. Implementing cryptography correctly in our applications is challenging and time consuming.

In this demo-driven talk, I will show you how you can use HashiCorp Vault’s API to implement a simple workflow that offsets the complexity of cryptography to Vault. In just a few lines of code, I will demonstrate how message producers will be able to encrypt its data, whilst message consumers can decrypt message payloads with minimal development effort. I will also show how to troubleshoot common errors from the API.

By the end of this talk, you will learn how to implement symmetric and asymmetric encryption of your application data before placing it on Kafka message queues. You will also learn how to implement this workflow using Format Preserving Encryption (FPE).

Rob Barnes

Senior Developer Advocate, HashiCorp