Demo showing off the UI: CRUD actions and search
The Equifax hack was yet another reminder that the state of security in our industry is abysmal. There are social and technical reasons:
- Security is seen as an expense, rather than an investment
- Infrastructure tooling that aids with security is badly documented, difficult to set up, and painful to manage (or all three).
One of the largest leaps forward in the tooling space over the last few years was HashiCorp Vault. Vault is a secret store, an encryption-first database. This is a piece of software that manages the lifecycle of critical pieces of information. It helps companies track critical pieces of information and ensures
In our experience, Vault is a fantastic piece of software, but not without its flaws. A lack of a good, free (even as in beer) management UI is one of the biggest problems.
What it does
During HackZurich, we developed the UI for HashiCorp Vault that we were missing in our work. Coglar has a slick and speedy interface and allows for easy editing of secrets.
How we built it
Vault exposes an HTTP API. We program against it with a single-page application, written in Elm. The only thing you need to run it is a Vault instance and a browser.
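The paragraph above describes a browser client talking directly to Vault's HTTP API. As an added JavaScript sketch (not Coglar's Elm code), this shows how CRUD and search can map onto Vault's KV version 1 endpoints; the `secret/` mount, the function names and the in-memory `fakeVault` stand-in are assumptions made for the example.

```javascript
// Added example, not Coglar's code. Assumes a KV version 1 mount at "secret/".
function vaultClient(baseUrl, token, fetchFn) {
  const encode = (p) => p.split("/").map(encodeURIComponent).join("/");
  async function call(method, path, body) {
    const res = await fetchFn(`${baseUrl}/v1/secret/${path}`, {
      method, // the token travels in the X-Vault-Token header on every request
      headers: { "X-Vault-Token": token, "Content-Type": "application/json" },
      body: body === undefined ? undefined : JSON.stringify(body),
    });
    if (res.status === 404) return null; // missing secret or empty folder
    if (!res.ok) throw new Error(`Vault returned HTTP ${res.status}`);
    return res.status === 204 ? {} : res.json(); // writes and deletes reply 204
  }
  const client = {
    read: async (p) => (await call("GET", encode(p)))?.data ?? null,
    write: (p, data) => call("POST", encode(p), data),
    remove: (p) => call("DELETE", encode(p)),
    list: async (f) => (await call("GET", `${encode(f)}?list=true`))?.data.keys ?? [],
    // Search: walk folders (keys ending in "/") and match on the full path.
    search: async (term, folder = "") => {
      const hits = [];
      for (const key of await client.list(folder)) {
        const full = folder + key;
        if (key.endsWith("/")) hits.push(...(await client.search(term, full)));
        else if (full.toLowerCase().includes(term.toLowerCase())) hits.push(full);
      }
      return hits;
    },
  };
  return client;
}

// Constructed in-memory stand-in for Vault so the example runs offline.
function fakeVault(store) {
  const json = (data) => ({ ok: true, status: 200, json: async () => ({ data }) });
  return async (url, { method, headers, body }) => {
    if (headers["X-Vault-Token"] !== "constructed-token") return { ok: false, status: 403 };
    const u = new URL(url);
    const path = decodeURIComponent(u.pathname.replace("/v1/secret/", ""));
    if (u.searchParams.get("list") === "true") {
      const keys = [...new Set(Object.keys(store).filter((k) => k.startsWith(path))
        .map((k) => k.slice(path.length).replace(/\/.*$/, "/")))];
      return keys.length ? json({ keys }) : { ok: false, status: 404 };
    }
    if (method === "GET") return path in store ? json(store[path]) : { ok: false, status: 404 };
    if (method === "POST") store[path] = JSON.parse(body); else delete store[path];
    return { ok: true, status: 204 };
  };
}
```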
Challenges we ran into
Implementation was pretty straightforward.
- Designing the right UI for the task at hand
- Cutting scope creep
- Getting build tooling working without obscure package managers
Accomplishments we're proud of
- The UI is pretty fantastic, if we say so ourselves
- The code is reasonably clean and easy to extend, especially for hackathon standards.
What we learned
- How to work with Elm
- How liberating the functional reactive programming model can be for UI applications.
What's next for Coglar
- Support alternative authentication mechanisms such as GitHub
- Token and policy management
- Audit interface
- Document production setup
- Lean password manager