cortexproject / cortex

A horizontally scalable, highly available, multi-tenant, long term Prometheus.
https://cortexmetrics.io/
Apache License 2.0
5.47k stars 797 forks source link

Alertmanager Secrets stored in plaintext #1700

Open jtlisi opened 5 years ago

jtlisi commented 5 years ago

As things currently stand each users alertmanager configuration is stored as a plaintext JSON byte object in a postgres table. Since alertmanager configs contain api keys and passwords functionality should added to ensure the config is not stored as plaintext but instead an encrypted format of some type.

pstibrany commented 4 years ago
friedrichg commented 1 year ago

This bug is specific to the deprecated configs. With the new alertmanager API, secrets are stored in block-storage where the encryption is (can be) performed in the backend.