Centralized Automated Vault Solution

Delivering a reliable outcome for role-based access with automated rotating credentials and achieving 99.995% availability.

By Rhonda O'Connor
July 29, 2020

Confidential Client

FORTUNE 500 / GLOBAL INSURANCE CO.

Achieved desired outcomes

Challenge

The client requested a long-term Amazon Web Services (AWS) cloud strategy that required a working, tested proof of concept and an implementation plan for role-based access that met specific security and performance criteria. The client explicitly requested:

  • Reusable, predictable, repeatable, and auditable deployment patterns for an agile-based delivery model
  • Automated rotating credentials every N++ days
  • A high-availability architecture – all software-defined, all enterprise deployable

Solution

Working closely with the client, the Trility team provided multiple options and recommendations guiding early architecture iterations leading to the baseline proof of concept. As part of the implementation, Trility continued to work with the client's team members using HashiCorp’s Terraform to automate and deploy Vault. The system was set up in clusters to achieve high availability with the least amount of human interaction and was deployed throughout four environments: Learning, Development, Pre-Production, and Production.

Outcomes

  • Delivered proof of concept and early roadmapping
  • Seamless transition to integrated implementation teams composed of both Trility and client team members
  • Built a centralized, automated Vault solution to enable the use of secret role-based access in automated pipelines
  • Achieved four nines (99.995% availability) 
  • Three environments – Development, Test, and Production – use this pattern
  • Provided mentoring on HashiCorp’s Terraform to achieve a repeatable and automated state

Reusable Patterns

  • Role-based access template for the enterprise cloud user base
  • Terraform deployment patterns used for coaching internal cloud engineering teams
  • Reusable enterprise Vault template that serves every group in the client's cloud (and more) for authorized, role-based access

Want to Automate Permissions?

If you need to refactor or automate permissions in a cloud, on-prem, or hybrid ecosystem, we can help you equip your people and your company to build better.

For this client, HashiCorp products were the ideal solution. Learn more about our partnership with HashiCorp or get in touch with us to navigate to a simplified, automated, secured solution.