Twistlock is excited to announce that we are an official member of the HashiCorp Technology Partner program and have had our robust and battle-tested Vault integration approved by the Vault product management team. Twistlock has had a strong integration with Hashicorp Vault for several years. It’s one of the secrets management tools that our customers rely on across their cloud native fleet. It made sense to build on our joint success and make the partnership official.
While an earlier blog post by Matthew Barker showed the state of the art of Vault integration with Twistlock in 2017 (which included building your own Vault container images), in 2019 it’s even easy to get started with Vault, since you can leverage the official Vault images available on DockerHub. To test things out, fire up a Vault container according to their “Running Vault for Development” instructions. You’ll have Vault running in dev mode and, as before, can use the root token displayed to add Vault as a secrets store right in the Twistlock Console UI.
In the Manage → Authentication → Secrets window in Twistlock, click on the Add Store item in the bottom right-hand corner of the screen. The following Add A New Secrets Store dialog will pop up, as shown below.
Setting the Type – In this dialog, click on the drop down next to the Type and select the HashiCorp Vault option.
Setting the Address of your HashiCorp Vault – In the Address, type the URL and port of the HashiCorp Vault container or service that you’ve configured in your environment.
Setting the Credential Token – Then for the Credential, click the drop down and Add new credential of type API token, if you don’t have one yet. We called ours “Hashi token” in this example. The root token goes in the Access token field and will be encrypted after you save it.
WIth your token safely in place, back in the Add A New Secrets Store dialog click the Add button and you’re all set with HashiCorp Vault being integrated into Twistlock as your secrets store.
To test this from the command line, go back to Matthew’s blog post and start at the Test Your Vault Access section and you should be all set.
Follow us on Twitter
Follow us on Twitter for real time updates on the cloud native ecosystem, Twistlock product, and cloud native security threats.
How to Lock Down the Kernel to Secure the Container HostRead the Blog
One Chapter Ends, Another BeginsRead the Blog
The Greatest Security Risks Lurking in Your CI/CD PipelineRead the Blog
Cloud Platform Radar: Powerful Cloud Asset IdentificationRead the Blog
Securing Serverless Functions: Visibility with Serverless RadarRead the Blog