DrupalSouth 2017

I was lucky enough to have my topic Can You Keep a Secret? selected for DrupalSouth Auckland in November.

In this presentation I will run through the basics of secret management, before diving into recipes for leveraging tools like HashiCorp Vault and AWS KMS in your Drupal projects.

It is shaping up to be a great conference - there are a lot of really interesting talks scheduled, including 9 from my PreviousNext colleagues!

My original session proposal is below - hope to see you there!

Can You Keep a Secret?

Every Drupal application has its secrets - and I don’t mean that dodgy code you wrote during an all-nighter. Database credentials, API keys, personally identifiable information - a secret is any data which could cause harm to your organisation if exposed.

This session will introduce the concepts of secrets and secret management, before moving onto practical examples of securely storing secrets in Drupal.

Who should attend this session?

This session is aimed at mid-to-senior Developers, operations engineers, and site builders looking to improve the security posture of their projects.

What takeaways can attendees expect?

  • A conceptual understanding of secret management and its advantages.
  • Ability to leverage Key module to securely store secrets in Drupal.
  • An overview of the major secret management tools currently in the marketplace, including Amazon KMS and Hashicorp Vault.
  • Resources to kick-start your journey to secure Drupal applications.

A big thank-you to my employer PreviousNext for sponsoring my travel and conference days.