You are now in FULL VIEW

Access and Secret Management in Cloud Services
Recorded at:

| by Ryan Lane Follow 0 Followers on Aug 20, 2016 | NOTICE: The next QCon is in London, Mar 4 - 6, 2019. Join us!

Ryan Lane talks about the methods for handling various types of security problems in cloud services as well as the tools they use at Lyft including Google SAML/OAuth2, Octa for identity management/SSO, Confidant, Vault, Sneaker, Credstash and Keywhiz for secret management, Confidant and KMS for secure bootstrapping, and metadataproxy and ec2metaproxy for limiting access to Docker containers.


Ryan Lane is a Security Engineer at Lyft. He's the maintainer of a number of Lyft's Open Source security products, like Confidant, metadataproxy and bandit-high-entropy-string. Ryan also wrote and maintains the AWS orchestration code in SaltStack and is a major contributor to Wikimedia and OpenStack projects.

Software is changing the world. QCon empowers software development by facilitating the spread of knowledge and innovation in the developer community. A practitioner-driven conference, QCon is designed for technical team leads, architects, engineering directors, and project managers who influence innovation in their teams.