In October this year the annual flagship HashiCorp conference known as HashiConf takes place.
I can now announce that I am speaking at the conference! 🎉
The abstract of my talk is this:
Learn how to leverage IssueOps on GitHub to build a self-service access management solution for cloud resources together with Terraform, Vault, and Boundary. Issue-templates and GitHub Actions workflows allow you to build a user-friendly self-service experience, with the list of issues serving as an audit log of who requested access to what, when, and why. A key takeaway is the developer centric experience to building a solid and extensible access management solution centered around Boundary.
When I was writing this abstract I wrote way more than the 500 character limit that was allowed. So what I wanted to write was this:
Chances are that your source code lives on GitHub. Even if it doesn’t, GitHub is a developer-friendly platform for much more than source code version control. IssueOps is a common practice on GitHub for automating tasks triggered by issues. In this talk you will learn about using IssueOps with GitHub Actions and HashiCorp Boundary to set up a self-service solution to automate human-to-machine access management. The self-service experience for a user starts by requesting access to a Boundary target for a specified duration of time by creating an issue on GitHub. The creation of an issue kicks off a GitHub Actions workflow that handles the interaction with Boundary to set-up just-in-time access for the requested target. The user can access the target for the requested duration through the Boundary UI, CLI, or API. When the duration has expired, or the user closes the issue, another GitHub Actions workflow is triggered to remove the user’s access to the target. Everything is automated and driven by issues. With issue templates on GitHub you can craft user-friendly forms simplifying the self-service experience for your users. You can collect all the required information from the user in the issue; what target to access, for how long, and a motivation to why the access is required. The list of issues serves as an audit-log of all access requests. Key takeaways include how you can build your own unified but highly customizable self-service solution for accessing Boundary targets no matter where they run.
There will be an accompanying blog post for my talk published at the same day or slightly after the conference. I believe the talk will be recorded and made available on YouTube, and it might even be live-streamed during the conference. The talk will take place on October 16, at 14:25 local time (US Eastern Time).
This will be my first presentation on a conference of this scale. I am looking forward to it!
You can see additional details of my talk at the conference website.
