Session

Securing application access to RabbitMQ with HashiCorp Vault

Configuring application access to RabbitMQ without compromising credentials in the source code is a challenging problem to solve. Following security best practices, each set of RabbitMQ credentials represents a single application Identity. Managing application identities at scale as applications and platforms grow becomes an operational burden.

In this demo-driven talk, I will show how you can use HashiCorp Vault to offset the operational overhead of Identity and Access Management. In a few lines of code, I will demonstrate how to configure applications to securely access RabbitMQ using short lived, on-demand credentials. I will also illustrate how the principle of least privileged access can be applied to applications using Vault with RabbitMQ’s Role Based Access Control.

By the end of this talk, you will learn how to configure Vault using Terraform to broker application identity on behalf of RabbitMQ and refactor a simple Go application to implement this authentication workflow.

Rob Barnes

Senior Developer Advocate, HashiCorp

East Grinstead, United Kingdom

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top