Runtime environment

Incomplete article

More content to come as soon as possible. Want to contribute? Contact us on Slack (requires a Bouvet user account) or see the following issue on GitHub.

Information related to runtime environment
  • Using secrets (Key Vault, environment variables)
  • No secrets in the source code
    • Use environment variables, key vaults or similar
  • Principle of least privilege
    • SELinux policy
  • Avoid multi-user environments. Isolate VMs and containers
  • Who has access
    • Offboarding
    • Just-in-time access
  • How do you manage secrets?
    • Azure Key Vault, AWS Secrets Manager
    • Limited lifespan on secrets?
  • Avoid sensitive data outside production environments
    • Use test data
  • Never reuse secrets across environments