Welcome to a story about edge computing, where innovation collides with data security and regulatory compliance challenges. Organizations like Lil' Big Mining Co. are at the forefront of this evolving landscape, leveraging existing and new use cases yet to be uncovered. However, a significant challenge they face is securing this new frontier while meeting stringent compliance standards. Our journey with Lil' Big Mining Co. highlights their strategic decision to pursue SOC2 certification, a critical step in addressing these challenges.

Abstract In this blog post, we’ll explore the common sources of friction that teams encounter when writing, deploying, supporting, and securing applications. We’ll examine various personas within a team and discuss how the HashiCorp stack, comprising Terraform, Vault, and Consul, can help alleviate these challenges and foster a high-functioning, content team. Introduction Friction is an ever-present challenge in the world of software development and IT operations. In today’s interconnected IT landscape, teams across various domains face a multitude of hurdles when it comes to writing, deploying, supporting, and securing applications and systems.

I presented this talk at HashiConf Global in 2021 and always intended to write it as a blog, finally getting around to it. In this blog post, we will discuss how HashiCorp Vault and HashiCorp Waypoint can be used together to manage secrets during application deployment. In addition to secret management, Vault provides excellent auditability, which can help with tracking down who used what secret and meeting compliance requirements. Understanding Secrets and Ephemeral Credentials A secret is a piece of sensitive information, such as API keys, passwords, or certificates, that should be kept confidential and secure.