今天就开通帐号,24,700 门业界名师课程任您挑!
Keeping secrets
- [Instructor] Earlier in 2021, 8.3 million plaintext passwords we're exposed. And it's pretty easy to run a search on GitHub that will find some AWS access keys, which might even work. sensitive information shouldn't be that easy to reach. Make sure that your .gitignore does not allow sensitive information to be added to Git. There are several good options for storing and using sensitive data or secrets. It's really up to you and your operation team to come up with a secure scheme. Most of the major cloud providers such as Microsoft, Amazon, and Google has a solution for managing secrets and Vault by HashiCorp is a popular solution if you want to run it yourself. And as usual, do not invent your own. One of the main issues with using secret vaults is the initial password or token that you need to access them. Don't hard-core this token. Use an environment variable or a configuration file. Let's have a look.…
下载课程离线学习
下载课程到移动设备,轻松离线学习。在领英学习 iOS 或安卓版 APP 下载课程