Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage Presentations Access and Secret Management in Cloud Services

Access and Secret Management in Cloud Services



Ryan Lane talks about the methods for handling various types of security problems in cloud services as well as the tools they use at Lyft including Google SAML/OAuth2, Octa for identity management/SSO, Confidant, Vault, Sneaker, Credstash and Keywhiz for secret management, Confidant and KMS for secure bootstrapping, and metadataproxy and ec2metaproxy for limiting access to Docker containers.


Ryan Lane is a Security Engineer at Lyft. He's the maintainer of a number of Lyft's Open Source security products, like Confidant, metadataproxy and bandit-high-entropy-string. Ryan also wrote and maintains the AWS orchestration code in SaltStack and is a major contributor to Wikimedia and OpenStack projects.

About the conference

Software is changing the world. QCon empowers software development by facilitating the spread of knowledge and innovation in the developer community. A practitioner-driven conference, QCon is designed for technical team leads, architects, engineering directors, and project managers who influence innovation in their teams.

Recorded at:

Aug 20, 2016