Support Mobycast
-> https://glow.fm/mobycast <-
In this episode, we cover the following topics:
- What is secrets management and why we need it for our cloud-native applications.
- Guidelines for best practices when handling secrets.
- We walkthrough a simple, roll-your-own approach to secrets management using encryption (KMS) and an object store (S3).
- Although this is a simple technique, it does provide a very secure (and auditable) approach to secrets handling.
- But, for most situtations, you'll want to leverage an off-the-shelf secrets management solution. We discuss 3 popular choices, including Hashicorp Vault, AWS Systems Manager Parameter Store and Amazon Secrets Manager.
- What are the features you should expect from a secrets management solution.
- We take a closer look at Vault, Parameter Store and Secrets Manager, and discuss the features that each provides.
- We finish with some guidance on how to make the right choice of secrets management solution for your applications.
Links
- Secrets Management for Cloud-Native Applications
- Vault - Unlocking the Cloud Operating Model: Security
- AWS Systems Manager Parameter Store
- How AWS Systems Manager Parameter Store Uses AWS KMS
- Introducing AWS Secrets Manager
- AWS Secrets Manager
- How AWS Secrets Manager Uses AWS KMS
- Rotating Your AWS Secrets Manager Secrets
- Tutorial: Specifying Sensitive Data Using Secrets Manager Secrets
- AWS Secrets Manager now supports VPC endpoint policies
- How to Manage Secrets for Amazon EC2 Container Service–Based Applications by Using Amazon S3 and Docker
End Song
Warming Trend by Aphreaq
More Info
For a full transcription of this episode, please visit the episode webpage.
We'd love to hear from you! You can reach us at:
- Web: https://mobycast.fm
- Voicemail: 844-818-0993
- Email: [email protected]
- Twitter: https://twitter.com/hashtag/mobycast
- Reddit: https://reddit.com/r/mobycast