Keyper Tutorial
👋 Welcome to the Keyper tutorial!
This is a self-paced tutorial walking you through how to use Keyper to handle some of the most common tasks in data security and encryption, such as whole file encryption or data value encryption. The tutorial is fully set up in Visual Studio Code Dev Containers and we've already installed all the required dependencies for you. That said, you can also clone the keyper-tutorial and run it locally.
Introduction
Keyper by Jarrid is a suite of crypto key management APIs designed to simplify key creation, management, deployment, and encryption/decryption in a standardized and secure way. Operations are file-based and can be easily automated, tracked, audited, and managed via file-based processes such as GitOps. Fully integrated with cloud KMS services such as AWS KMS or GCP KMS, Keyper leverages managed crypto key generation and reduces the infrastructure maintenance burden.
Questions and Feedback
Throughout the tutorial, if you have any questions, here are a couple places you can reach out for help:
If you have any feedback throughout the tutorial or at the end, we'd also really appreciate it if you could spend 30 seconds taking a short survey to help us improve.
Getting Started
There are two ways to run this tutorial. This repo is set up to be run in Visual Studio Code Dev Containers with the Runme extension.
Run this in VS Code with our templated devcontainer configuration. The Runme extension and Terraform will be pre-installed. You can do so by running:
git clone git@github.com:jarrid-xyz/keyper-tutorial.git
code keyper-tutorial
You will be prompted to open the folder in a devcontainer; make sure you select Reopen in Container.
Alternatively, you can clone this repository and install the Runme extension separately. Note that this might require you to install additional dependencies if you don't already have them installed on your local environment.
Without further ado, let's get started with the first step: ➡️ Pulling the Keyper Docker Image
Data Security and Encryption Use Cases
Here are some practical data security and encryption use cases we will cover in this tutorial, showcasing how simple it is to implement them with Keyper.
Whole File Encryption on Cloud Storage
This tutorial will show you how to tackle data vulnerabilities identified by popular cloud security platforms like Dig or Wiz. [Bonus] Take one step further to automate this operation within your existing tech stack.
Sensitive Data Value Encryption
Encrypt individual data values to protect sensitive information. This is useful for publishing records with encrypted fields (e.g., via Kafka) or encrypting raw values before database insertion. This tutorial will share a few examples of how Keyper can be integrated with data handling clients to perform schema-aware encryption and decryption for single data values.
Encryption Key and Access Management
This tutorial will show you how to use encryption keys to simplify access control across data platforms and infrastructure by integrating with IAM roles and permissions, instead of creating row/column-level permissions for each data store or platform individually.
Tutorial
The tutorial is organized into several directories, each containing a README.md file with example commands and explanations. Commands are executable on CodeSandbox, where we've already pre-configured the environment for you.
1. Pull Keyper Docker Image
Set up the Docker environment to get started with Keyper.
2. Create App Configuration And Credentials
Create the necessary application configuration and credentials for Keyper.
➡️ Go to AWS Tutorial
➡️ Go to GCP Tutorial
3. Create Deployment, Role and Key
Create the deployment, role, and encryption key, and use Keyper to manage these resources.
4. Deploy via Terraform
Deploy the infrastructure using Terraform. [Bonus] You can easily integrate Terraform into your existing CI/CD process.
➡️ Go to AWS Tutorial
➡️ Go to GCP Tutorial
5. Encrypt/Decrypt
Perform encryption and decryption operations with Keyper to secure sensitive information.
6. Use Cases
Combining steps 1-5, we'll show you how you can handle some of the most common data security and encryption use cases with Keyper:
- Whole File Encryption on Cloud Storage:
- Sensitive Data Value Encryption: ➡️ Go to Tutorial
- Encryption Key and Access Management: ➡️ Go to Tutorial
- Deploy Keyper via GitHub Action: ➡️ Go to Tutorial
