Secret management design decisions: theory plus an example - Sander Knape


21 bookmarks. First posted by adrianh march 2018.


In this blog post, I first explained some Secret Management 101 theory. Keep in mind any requirements you have and think about the design options that I describe. Automation is definitely possible – and quite the fun undertaking – which I show through a simple utility that replaces any placeholders with real secrets from AWS Parameter Store.
While I run the utility during a CodeDeploy deployment, keep in mind that you can also run it in a cloud-init script or even recurring through a cron job or a configuration management tool. Feel free to use and change the script for your specific requirements. Have fun!
Security  password 
4 weeks ago by euler
Secret management is one of those security topics that is often an after-thought while designing systems. Passwords are set up manually, shared through…
from instapaper
9 weeks ago by svs
Secret management design decisions: theory plus an example
Secret management is one of those security topics that is often an after-thought while designing systems. Passwords are set up manually, shared through non-secure methods such as e-mail or Slack, and password rotation is often neglected because it’s time-consuming and error-prone. via Pocket
ifttt  pocket  article  programming  secrets  security  tutorial 
march 2018 by jeremyday
"In this blog post I’ll discuss the design decisions that must be made while constructing a secret management automation solution. In addition I’ll share a simple utility that can be used to deploy secrets from AWS Parameter Store to an EC2 instance. This utility is based on a related blog post by AWS, but generalised to make it more useful for pretty much any application that has secrets stored in parameter store."
devops  management  security  programming 
march 2018 by garrettc
Secret management is one of those security topics that is often an after-thought while designing systems. Passwords are set up manually, shared through…
from instapaper
march 2018 by bferg
Secret management is one of those security topics that is often an after-thought while designing systems. Passwords are set up manually, shared through…
from instapaper
march 2018 by tonyandrewmeyer
Secret management is one of those security topics that is often an after-thought while designing systems. Passwords are set up manually, shared through non-secure methods such as e-mail or Slack, and password rotation is often neglected because it’s time-consuming and error-prone. via Pocket
Pocket 
march 2018 by LaptopHeaven