An evening on Secret Management in the Cloud

By Maik van der Gaag June 6, 2023

This evening, we will be back with the Dutch Cloud MeetUp! The theme for this evening will be Secret management in the cloud. And, as this is in person, there will be a welcome with food and drinks, provided by our sponsor Brink Software.

18:00 - 18:45 : Dinner + Welcome

18:45 - 18:50 : Welcome speech

18:50 - 19:35 : 1st Session - Mojtaba Imani: Secret management in AWS

19:45 - 20:30 : 2nd Session - Henry Been: Passwordless authentication on Azure: the answer to building secure solutions

Mojtaba Imani

Mojtaba is a freelance platform engineer that works with Kubernetes in AWS. He holds multiple certiifcations and is experienced in platform architecture and engineering. He has worked with a multitude of tools and languages, including C++, C#, Python, Go and typescript.

Session: Secret management in AWS

AWS Secrets Manager is a service that you can store your secrets and passwords including database users. In the case of database users, it is a best practice that you create a separate user for each service that is going to connect to the database with the minimum privileges that is necessary for that service. You can create a username and password in Secrets Manager to keep the passwords in a safe place but in the database you have to connect manually and create that user inside the database yourself. Also It is a good practice to rotate your passwords regularly and Secrets Manager has a mechanism to do that. But after rotating the passwords in the Secrets Manager you have to update the passwords for all users inside the database manually yourself and imagine if there are many different services with their own user password, how difficult it would be to update them manually. In this talk I will show you how to use AWS SAM (Serverless Application Model) and AWS Secrets Rotation to rotate all the passwords automatically in the Secrets Manager and also inside the database.

Henry Been

Henry Been is an independent architect and developer from The Netherlands. He enjoys working with software development teams to create and deliver great software for the Azure cloud. His interests include the Azure cloud, Agile, DevOps, software architecture and the design and implementation of testable and maintainable software.

Besides his work he is a conference speaker at international conferences, is the author of two books, and creates online training courses for Pluralsight and A Cloud Guru. For his work in the community he has been awarded the Microsoft MVP Award since 2019. To follow Henry you can go to his blog or look him up on Twitter: @henry_been

Session: Passwordless authentication on Azure: the answer to building secure solutions

We all know the pain of managing passwords and application secrets. Storing them securely, rotating them frequently, ensuring they are not leaked during development, deployment, or at runtime. And then the paperwork to ensure we comply with all the regulations!

What if we can build applications that do not require passwords for system-to-system authentication? In this session, Henry will show you how you can build an Azure application that uses App Service, Service Bus, two different types of databases, and more - without using a single secret for authentication!


Brink Software

Groot Handelsgebouw

Stationsplein 45 unit A6.002

3013 AK Rotterdam