From the course: Microservices: Security
Join today to access over 24,900 courses taught by industry experts.
Secrets management
From the course: Microservices: Security
Secrets management
- [Instructor] Microservices often need to store secrets. Things like client credentials, database passwords, and SSL certificates that must be kept confidential. Unfortunately, many developers take a trust the network or security through obscurity approach to protecting secrets. This causes secrets to wind up in difficult but not impossible to reach places. You'll find them in properties, files, hard-coded strings docker files, container images, and environment variables. If you use these techniques, your microservices secrets won't be so secret anymore with a little bit of access to source control in image registry or host. Luckily, container orchestration platforms like Kubernetes, OpenShift and others provide better approaches to managing your secrets. Now there's no excuse to bake them into a container image. These platforms typically have an embedded secrets management capability that allows you to create and securely…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
Throttling and rate limiting4m 37s
-
(Locked)
Container runtime security4m 19s
-
(Locked)
Image security5m 4s
-
(Locked)
Audit container security3m 44s
-
(Locked)
Secrets management3m 49s
-
(Locked)
Secure pipelines4m 57s
-
(Locked)
Prevent leaked credentials2m 39s
-
(Locked)
Keep secrets with Key Vault6m 53s
-
-