Secrets Management - Githubissues

wondrous-dev / wondrous-frontend

wondrous-frontend.vercel.app

GNU General Public License v3.0

15 stars 5 forks source link

Secrets Management #40

Open mralanlee opened 2 years ago

mralanlee commented 2 years ago

Where should secrets or sensitive data (like API keys) be stored?

Currently, sensitive data is stored in Kubernetes as Secrets, but these are just base64 encrypted, and do not offer audit or rotation. A few considerations:

HashiCorp Vault (open source)
Google Secrets Manager (cloud)
Doppler (cloud)

mralanlee commented 2 years ago

I think this could be broken down into an epic, but kicking this off as a Discovery item. There's many considerations such as using solutions that would within the ideas of DAO and open source.

andywong418 commented 2 years ago

Sounds like Vault would be the best way to manage the open source aspect, which would make this into an epic for sure!