Runtime environment
Incomplete article
More content will be added as soon as possible. Want to contribute? Contact us on Slack (requires a Bouvet user account) or see the following issue on GitHub.
- Using secrets (Key Vault, environment variables)
  - No secrets in the source code
  - Use environment variables, key vaults or similar
- Principle of least privilege
  - SELinux policy
  - Avoid multi-user environments. Isolate VMs and containers
- Who has access
  - Offboarding
  - Just-in-time access
- How do you manage secrets?
  - Azure Key Vault, AWS Secrets Manager
  - Limited lifespan on secrets?
- Avoid sensitive data outside production environments
  - Use test data
  - Never reuse secrets across environments