As DevOps teams scale their deployments across cloud-native environments, managing secrets securely becomes a critical challenge. Storing credentials in environment variables or configuration files exposes organizations to risks such as credential leaks, privilege escalation, and compliance violations. This talk will explore how secret managers—such as AWS Secrets Manager, HashiCorp Vault, Azure Key Vault, and Google Secret Manager—enhance security by providing centralized, encrypted, and access-controlled storage for sensitive credentials.
A key focus will be on short-term tokens using OpenID Connect (OIDC) to eliminate the need for long-lived static credentials. By leveraging OIDC-based authentication, DevOps teams can enable secure, just-in-time access to secrets, reducing attack surfaces and improving security posture. We’ll discuss how leading cloud providers and Kubernetes support OIDC for workload identity, enabling seamless and secure access to cloud resources without hardcoded secrets.

Key takeaways:
1. 
Best practices for integrating secret managers into CI/CD pipelines and Kubernetes deployments
2. How OIDC-based short-term credentials improve security and reduce operational overhead

3. Real-world use cases demonstrating how DevOps teams can automate secret management
4. 
Strategies to enforce compliance, auditing, and least-privilege access for DevOps workflows

This session is ideal for DevOps engineers, security architects, and platform teams looking to enhance the security and scalability of their deployments. Attendees will leave with actionable insights and implementation strategies to strengthen their DevOps security posture using modern secret management solutions.