From the course: Microservices: Security
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Secrets management
- [Instructor] Microservices often need to store secrets. Things like client credentials, database passwords, and SSL certificates that must be kept confidential. Unfortunately, many developers take a trust the network or security through obscurity approach to protecting secrets. This causes secrets to wind up in difficult but not impossible to reach places. You'll find them in properties, files, hard-coded strings docker files, container images, and environment variables. If you use these techniques, your microservices secrets won't be so secret anymore with a little bit of access to source control in image registry or host. Luckily, container orchestration platforms like Kubernetes, OpenShift and others provide better approaches to managing your secrets. Now there's no excuse to bake them into a container image. These platforms typically have an embedded secrets management capability that allows you to create and securely…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.