Secure Access to AI Training Environments with Vault SSH

Question

Pulumi · Accepted Answer

To secure access to AI training environments using SSH, you can leverage Vault's SSH Secret Backend. HashiCorp's Vault is a tool for secrets management, encryption as a service, and privileged access management. The SSH Secret Backend in Vault is useful for dynamically generating SSH credentials to access systems securely.

In Pulumi, using the Vault provider, we can set up the SSH Secret Backend's Certificate Authority (CA), allowing us to sign SSH keys and thus guarantee the identity of the client connecting to the AI training environment. We'll also define a role that will specify the access policies.

The process involves these steps:

1. Create a SecretBackend for SSH in Vault, which will provide a mount point.
2. Use this backend to set up a SecretBackend CA which will store a generated signing key.
3. Define a SecretBackendRole that specifies the access policies and which will be used to generate signed SSH keys.

Let's walk through the Pulumi program that sets this up.

```python
import pulumi
import pulumi_vault as vault

# The `backend` will specify the mount point for the SSH secrets.
ssh_backend = vault.SshSecretBackend("ssh-backend",
    path="ssh",
    description="SSH secret backend to generate SSH credentials for AI training environment access")

# The `SecretBackendCa` resource manages the CA key pair in Vault which is used to sign SSH client keys.
ssh_ca_key = vault.SshSecretBackendCa("ssh-ca-key",
    backend=ssh_backend.path,
    generate_signing_key=True,
    ttl="87600h")

# The `SecretBackendRole` defines the access policies and duration for a signed SSH key.
ssh_role = vault.SshSecretBackendRole("ssh-role",
    backend=ssh_backend.path,
    name="training-environment",
    key_type="ca",
    ttl="24h",
    allow_user_certificates=True,
    key_id_format="vault-{{role_name}}-{{token_display_name}}-{{random_8_bytes_hex}}",
    allowed_users="*",
    allowed_critical_options=[],
    allowed_extensions=["permit-pty"],
    default_extensions=[],
    allow_user_key_ids=True)

# Output the CA public key and role name
pulumi.export("ssh_ca_public_key", ssh_ca_key.public_key)
pulumi.export("ssh_role_name", ssh_role.name)

```

Explanation of the program:

- `vault.SshSecretBackend`: This resource creates a new mount point in Vault for storing SSH secrets. We specify the path where the secret backend will be accessible and a description for clarity.

- `vault.SshSecretBackendCa`: This resource creates a new CA key pair that Vault will use to sign SSH keys. You enable `generate_signing_key` to automatically create a signing key pair.

- `vault.SshSecretBackendRole`: This is the role definition for the SSH secret backend. It includes details such as the allowed duration for a signed SSH key (`ttl`), the key type, and user certificate permissions. `allowed_users="*"` indicates that signed keys can be used to log in as any user. We're using the `ca` key type because we want to sign user SSH keys.

- `pulumi.export`: This is used to output values from Pulumi to be available outside of the Pulumi program. Here we export the generated CA public key and role name for reference or use in automation scripts.

By executing this Pulumi program, you would create the necessary Vault resources to securely manage SSH access to your AI training environments. Once this infrastructure is provisioned, you would distribute the CA public key and set the signed key generation process based on the defined role policies. SSH clients will then request Vault to sign their keys, and Vault will use this CA to provide a signed SSH key which can be used to securely access the desired training environment.