Skip to Main Content
Manage properly credentials in Oracle Cloud Infrastructure with OCI Vault

About This Workshop

Youtube Video

About This Workshop
In the fast-evolving landscape of OCI, safeguarding sensitive information is paramount. This workshop is designed to equip participants with a comprehensive understanding of common pitfalls associated with handling credentials in OCI environments. By delving into real-world scenarios and practical examples, attendees gain valuable insights into the potential risks and vulnerabilities that can arise from mishandling credentials.

The workshop kicks off with a cautionary tale, illustrating a scenario where a user inadvertently stores credentials in a public bucket. This all-too-common mistake serves as a powerful reminder of the potential consequences when security measures are not diligently followed. Participants are guided through the anatomy of such a lapse, exploring how an unauthorized person could exploit the exposed credentials to gain unauthorized access and compromise the security of the entire system.

As the workshop progresses, emphasis is placed on the importance of adopting a robust credential management strategy. The focal point of this strategy is the usage of OCI Vault, a versatile and secure solution for managing secrets and protecting sensitive data in dynamic cloud environments. Attendees will be taken through a step-by-step demonstration of how OCI Vault can be seamlessly integrated into cloud workflows to enhance security and mitigate the risk of unauthorized access.


In this workshop, you will:

Lab 1
- Understand the challenges associated with storing credentials in OCI buckets for automation purposes.
- Recognize the potential risks and security implications of mishandling credentials within an OCI setup.
- Experience the consequences of unauthorized access resulting from the misuse of credentials.

Lab 2
- Comprehend the risks associated with publicly accessible buckets in OCI.
- Explore the perspective of an attacker gaining unauthorized access to a public bucket.
- Analyze the potential exploits and risks involved when managing credentials in publicly accessible storage.

Lab 3
- Learn the importance of secure credential management in OCI.
- Utilize OCI Vault to securely store and manage credentials.
- Understand the proper workflow of accessing credentials from OCI Vault and applying them to interact with REST APIs.

Workshop Info

2 hours
  • Lab 1: A developer persona who tries to do some usual devops work in OCI setup and stored the credentials to some REST API in OCI Bucket for easier automation (i.e., fetch key from bucket and access REST API). This will demonstrate a misuse of keys and additional access gained.
  • Lab 2: An attacker persona who can access that bucket (due to it being publicly accessible) and now can access the REST API as well. This will show how an attacker could retrieve the same key in a public bucket and the risk of managing the keys in public buckets.
  • Lab 3: Back to the developer persona to leverage OCI Vault to store the credentials and access it from vault then to the REST APIs. This will show how to properly manage the keys in the OCI vault.
  • Some understanding of cloud  terms is helpful
  • Familiarity with Oracle Cloud Infrastructure (OCI) is helpful

Other Workshops you might like