This event has ended. Visit the official site or create your own event on Sched.
Back To Schedule
Wednesday, May 25 • 11:35am - 12:05pm
Air Marshal: No More Secrets In Your Manifests - Michael Brodhead, Stark & Wayne

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

In real-world use our BOSH and Concourse manifests are littered with secrets: passwords, AWS credentials, SSH keys, you name it. Dealing with these secrets is a pain in the neck. If we check secrets into source control then there are myriad ways to accidentally leak them. Without source control distribution becomes a hassle and we still have some risk of leaking. Ideally we would like to keep production secrets off staff workstations altogether.

Enter Air Marshal. Air Marshal acts as a proxy between staff workstations and BOSH or Concourse. Manifests checked into source control have placeholders wherever secrets are necessary. Air Marshal reads secrets from a secure back-end, adding them to manifests where needed.


Michael Brodhead

Stark & Wayne, LLC
Michael Brodhead, mkb to his pals, works for Stark & Wayne, a consultancy based in Palo Alto, CA. Mkb has worked for financial giants, tiny startups, and everything in between. At Stark & Wayne he helps clients secure and automate large-scale cloud deployments.

Wednesday May 25, 2016 11:35am - 12:05pm PDT
Grand Ballroom GH