maria-discuss team mailing list archive

[Karthick Subramanian <ksubramanian@xxxxxxxxxxxxxxx>]

Hi Obsa,

Thank you for sharing this link, sounds interesting. In case you succeed
with this Vault implementation, kindly share us your experience (may be a
blog post on this). I am also looking for implementing something similar
without AWS KMS option.

Thank you.



On Tue, Feb 27, 2018 at 5:59 AM, <obsa@xxxxx> wrote:

> Sergei,
>
> Still looking for some alternative to AWS.
>
> I did find 'Vault', a well-established & active project
>
>    https://www.vaultproject.io/intro/index.html
>
> which appears to be an on-premises alternative to AWS & HSMs
>
> with open sources here
>
>   https://github.com/hashicorp/vault
>
> and a "MariaDB Secrets Engine"
>
>   https://www.vaultproject.io/docs/secrets/databases/mysql-maria.html
>
> "The database secrets engine generates database credentials dynamically
> based on configured roles. It works with a number of different databases
> through a plugin interface. There are a number of builtin database types
> and an exposed framework for running custom database types for
> extendability. This means that services that need to access a database no
> longer need to hardcode credentials: they can request them from Vault, and
> use Vault's leasing mechanism to more easily roll keys."
>
> Has there been any work on a Vault-based MariaDB plugin with key
> management/rotation capabilities similar to that provided by the AWS
> offsite solution?
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~maria-discuss
> Post to     : maria-discuss@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~maria-discuss
> More help   : https://help.launchpad.net/ListHelp
>