-
Here are some thoughts about secrets and encryption that could be implemented to the Components. With encrypted state.json and encrypted inline secrets, working with version control would be easier.
…
-
Currently, operators include the AWS keys (`server.targets.TARGET.aws.access_key_id` and
`server.targets.TARGET.aws.secret_access_key`) as plaintext in the `cludod.yaml` config file. This isn't gonn…
-
Hi
We're looking into something similar to what you've created here and have some questions:
* Do you have any idea of how portable it is today? I see that I will have to rewrite from using Goog…
-
### Checklist
- [X] I did not find a related open issue.
- [X] I did not find a solution in the troubleshooting guide: (https://cloud.google.com/config-connector/docs/troubleshooting)
- [X] If this i…
-
-
Is there someway to prevent sops from attempting to use KMS and prefer PGP instead when decrypting a file?
-
#### What is the problem you want to solve?
I want to be able to use the filesystem target in production, but since the keys are not encrypted at rest, it would be insecure to do so. Also, the docs…
-
First off let me say thanks for creating and sharing this project!
I'm definitely not a cypto expert but as far as I can tell PBKDF2 is used to derive the AES secret key (which is used for encrypti…
-
**Describe the bug:**
The bug I'll describe has been [reported before in an archived tink repo](https://github.com/tink-crypto/tink/issues/483), it was closed and it is not solved yet.
In summar…
-
Intent: We want to be able to tell users that all their messages are encrypted. This means that even us (admin folk) cannot see what they are talking about.
Why: Privacy is important. We don't wan…