Watch On-Demand Sessions
Day 1 Opening Keynote
Join HashiCorp Co-Founder and CTO Armon Dadgar, and CEO Dave McJannet as they kick off HashiConf Europe with the Opening Keynote, where you will hear the product updates and announcements that we have in store for you.
Day 2 Opening Keynote
HashiCorp Co-Founder and CTO Armon Dadgar will open the second day of HashiConf Europe with another morning keynote.
The Path to Modern Infrastructure Automation
This session will cover the path to infrastructure automation with a focus on the infrastructure provisioning workflows, the ecosystem, and infrastructure lifecycle management. We will highlight the most recent enhancements and features in Terraform and Packer, as well as our direction and vision for the next phases of infrastructure automation.
In this session, we will walk through the upcoming features and vision for Waypoint over the next six months.
Non-Technical Challenges of Platform Engineering
Building successful infrastructure platforms is not just about IaC or using the latest technologies and tooling. Poppy and Chris will draw on their experiences of creating successful infra platforms to talk about why many technically awesome infra platforms fail. This will be a session about all of the non-technical aspects of building infrastructure platform, from strategy, product thinking, service design, and release planning, to team ways of working.
Steep Approach: Landing Safely in GCP With TFE
The concept of cloud landing zones is standard practice for large corporations. Certain fundamentals need to be established: automation, blueprints, IAM, networking, and security. For Deutsche Bank, deploying to GCP was exciting but uncharted terrain. One of the key decisions has been the role granted to Terraform Enterprise. This talk will highlight the key features that have enabled teams to safely land in GCP, in production, during the first year of Deutsche Bank's partnership with Google.
Journey to Hybrid Multi-Cloud
In 2019, Elanco completed a corporate separation, achieving 95% cloud adoption, and now embarks on a hybrid multi-cloud journey with HashiCorp Terraform Cloud.
Terraforming Our Tenant: Self-Serving Apps as Code
Learn how NBIM tackles the challenge of brownfield deployments as they share their journey using Terraform and custom modules to self-service Azure AD applications.
WebAssembly and Nomad for Next Wave Microservices
First came virtual machines. Then containers. Now WebAssembly is poised to be the next wave of cloud computing. With blazing fast speeds, tiny binaries, and security by default, Wasm is the foundation for a new generation of microservices. When we began building our open source Wasm platform, we chose to build it on Nomad, Consul, and Vault. Attendees will leave understanding WebAssembly, its potential on the cloud, and why Nomad is the ideal orchestrator for Wasm.
Terraform Cloud: Validate Infrastructure and Enforce OPA Policies [Learn Lab]
In this lab, use both Terraform preconditions and Terraform Cloud run tasks to validate configuration and enforce policy compliance. First, use Terraform preconditions to make sure that users don’t deploy bastion hosts that are too big. Then, configure a Terraform Cloud run task to enforce Styra OPA policies that prevent users from creating AWS security groups that allow public ingress. Finally, define organizational policies that only let specific Terraform Cloud users deploy infrastructure changes on Fridays.
HCP Packer: Build a Golden Image Pipeline [Learn Lab]
In this lab, use Packer to create a golden virtual machine (VM) image with the Loki Docker plugin and Promtail built in. You will then build an application image from the golden base image, reference it in Terraform configuration, and verify that it is valid using the HCP data source and a Terraform Cloud run task. Finally observe the application streaming logs to Grafana using the tools it inherited from its golden base-image. Join us to learn how to build golden image pipelines for your immutable infrastructure with HCP Packer and Terraform Cloud.
Evolution of Infrastructure Management
This session will present how Terraform Cloud adds never before realized ways to provision, manage, and track infrastructure at scale.
Using Terraform Enterprise to Support 2500+ Users
Learn how Booking.com leverages Terraform Enterprise to support 2,500 active development users on its private cloud.
Running Trusted Payloads With Nomad and Waypoint
This talk will focus on steps we can add to our build pipelines to protect ourselves from supply chain attacks using Nomad and Waypoint.
Golden Image Factory With HCP Packer & Terraform
This session will provide a walkthrough of the "golden image factory" workflow enabled by HCP Packer. Learn how to track and publish machine images via our new multi-cloud artifact registry and then how to let your application developers provision those images with guardrails in Terraform Cloud.
Progressive Deployments With Consul Service Mesh
During this session, learn the risks associated with application deployments and how Consul service mesh can reduce these risks. This will include how to use Consul to enable application developers to introduce a new version of their application into production in a measured and safe way, protecting the end user from any errors in the new version. The talk will cover everything you need to know, from patterns and procedures and how to set up the required software in your own environment.
Building a PaaS With Waypoint
Waypoint was released in 2020, to streamline the build, deploy, and release process for developers. In this session, see how Waypoint is leveraged to build a PaaS-like experience for developers with WayPaaS, automating the whole lifecycle of Waypoint and integrating GitOps practices.
Observing the HashiCorp Ecosystem From Prometheus
Consul and Vault empower many production deployments. Therefore, monitoring them and understanding their behavior is critical to ensure business continuity. This talk will go over how to use Prometheus to monitor those services and will provide useful patterns you can apply to your local stack to do so. Lessons learned from the Nomad production stack will be highlighted as well as experience gathered at different customers.
Secrets Management at Swiss Federal Railways (SBB)
HashiCorp Vault Enterprise is the ideal solution at Swiss Federal Railways (SBB) to tackle their secrets management challenges. In less than 6 months SBB went from zero to production. In a joint session by SBB and Adfinis, they present their learnings, challenges, and integrations in an enterprise environment. They will provide insights into the multi-cloud architecture on OpenShift following cloud native practices and how they address Vault governance using their self-service portal.
Achieving GitOps for Database Lifecycle at GoPay
GoTo Financial is one of the biggest payment providers in Southeast Asia. In this talk, hear about their experience in transforming the management of stateful components lifecycle from IaC to GitOps approach.
The speakers will delve deep into how they have managed 2,500+ database servers with Terraform, ranging from provisioning, updating, auditing, security hardening, to setting up database-specific observability metrics.
Vault Updates & Future Directions
This talk will discuss the evolution of Vault in the past year and future direction (roadmap).
How a Top European Cloud Provider Migrated to TFE
We often hear about the use of TF and TFE, but what about its use in large structure. Hear the story of OVHcloud, one of the biggest European hosting and cloud providers, with their challenges (large at-scale infra, security, self-provisioning via API) and the benefits. Was the choice to switch from an “homemade” solution to the migration of its teams to TFE easy? Aurélie and Horacio will tell you this story through figures, anecdotes, and internal feedback from their teams.
Consul - Product Updates and Future Vision
At HashiConf 2021, we talked about phases of adopting Consul to address networking challenges and achieve zero trust security through the lens of a fictitious space exploration startup. Join us in continuing this journey, as we describe additional product capabilities with a focus on a new federation model that enables loosely coupled service mesh architectures.
Boundary: Then and Now
Since its initial delivery at HashiConf 2020, Boundary has made massive strides in providing users with a comprehensive solution to their secure remote access needs. Join us to learn more about this progress as well as what is next for Boundary.
Roche - Securing & Connecting Healthcare Platforms
Roche is a Swiss multinational healthcare company focusing on both pharmaceutical and diagnostics. As a global provider of a diverse set of products typically installed on customer premises, Roche faces heterogeneous environments that need security credentials for communicating with remote services and platforms. Join this talk to learn how they use HashiCorp Vault, Consul, and other technologies to securely distribute credentials from their corporate network to systems across the world.
Auto-Configure Your Vault and Boundary With CTS
This session will show how Consul and Vault together can automate and secure access to your application using Consul Terraform Sync to automatically configure Boundary and Vault to generate a dynamic token for a Postgres database. Simple deployment of a new database to your Kubernetes will trigger automation for dynamic credentials, zero trust for human access, and rainbows with unicorns.
Vault & AWS Lambda - Towards a Sub-Minute Recovery
Hear about how Yoox Net-A-Porter Group solved the challenge of making operations on a Vault cluster hosted on AWS and how to construct a scalable infrastructure.
In particular, the operations of demoting/promoting Vault DR clusters, generating DR operations batch tokens, switching the weights of a DNS weighted-policy between DR clusters' endpoints and more. Leveraging all these lambdas, they managed to have a Mean Time To Recovery (MTTR) of just, in principle, a couple of seconds.
Consul + Vault / Consul API Gateway [Learn Lab]
This Learn lab features two topics, each topic will teach you how to consume two new Consul features; Vault as Secrets Management for Consul, and Consul API Gateway with HashiCorp Cloud Platform (HCP).
In the first part of the session, you will learn how to configure Vault as the secrets management for Consul in a Kubernetes environment. The second part of the session will teach you how to use Consul API Gateway with HCP.
HCP Vault Operations With Terraform [Learn Lab]
Two topics are covered in this Learn lab, including migration of a self-hosted Vault server to HashiCorp Cloud Platform (HCP) along with scaling and replication in HCP.
In the first part of the session, you will learn how to migrate a Vault server with Terraform codified configuration to HCP. The second part of the session will teach you about HCP Vault cluster scaling and performance replication.
Multi-Runtime Service Mesh With Consul
Operators today face an ever-growing list of runtimes to support: from container orchestrators like Kubernetes, Nomad, and ECS, to serverless platforms like Lambda, to VMs. In this deep dive, learn how Consul unifies networking across runtimes and helps implement zero-trust security, improve observability, and increase reliability.
Event-Driven Access Controls
Learn how to create an automated process system that automatically grants access to infrastructure for on-call engineers when an incident is triggered and revokes access once the incident is resolved. The talk will walk through the steps required to build a fully automated event-driven workflow using HashiCorp Boundary, Consul, and Vault that gives engineers the required access while adhering to the principle of least privilege, managed by a central security policy.
Our Journey Into Secrets Management With Vault
Hear about the process of integrating HashiCorp Vault Enterprise in TomTom - the choice of HashiCorp Vault for secret management, the process of creating the first POC (OSS), MVP, and what the challenges were. Learn about TomTom's automatization of infrastructure deployments, Vault management in Terraform, and the ups and downs of that. Lastly, see how Vault was integrated with Kubernetes and how the secret management solution is being offered to clients (developers).
Vault in BBVA, Secrets in a Hybrid Architecture
Hear about Vault usage within BBVA's new architecture, implementing all services supporting the best banking application of the world for five years in a row (The Forrester Digital Experience Review). The speakers will cover how and why they transitioned from OSS to Enterprise, to adopt BBVA's required hybrid architecture on-prem / AWS, in both Spain and Mexico. Vault has become one of the best replicated services BBVA, with an outstanding performance and a flawless implementation.
Secure Together: Consul + Vault
How do you better secure service-to-service communication? In this session, you will learn the ways you can combine Consul and Vault to encrypt traffic between services, control API authorization, and implement least-privilege access across services. Dive into setting up Vault to manage certificates for Consul API Gateway and service mesh on Kubernetes, Consul-Terraform-Sync to automate Vault configuration, and Consul intentions and Vault secrets engines to control access to services.
Secure Remote Access With Boundary and Azure AD
The need for secure remote access to dynamic, cloud-based resources is growing rapidly, and traditional access solutions are no longer suitable for protecting critical infrastructure resources at scale. Join this talk to hear about the latest trends in identity-based security and to see a demo of how HashiCorp Boundary and Microsoft Azure Active Directory are transforming privileged access with automated, simple, and secure remote access. Pete Pacent of HashiCorp will be co-presenting.
Mesh Federation Deep Dive
Join us for a deep dive and demo of connecting and routing services running across different data centers with Consul.
Using CD Pipelines to Upgrade Vault at Scale
Wix uses multi-regional, replicated clusters running on Kubernetes. Upgrading these at scale can be a chore, so they took the documentation and automated them using a CD pipeline. In this talk, you will learn how they went from manual upgrades to fully automated upgrades clusters at scale.