What are the best practices for managing secrets for azure Apps ? Managing secrets is a key challenging area in a first moving world . There are N number of issues that can arise, if we are not securely stored and managed the secrets of an application. Preservation of pem files, tokens , key chains , certificates and connection strings are really important to store it secured.
It is not at all preferable to store it in a local file storage or in your git account. There are lots of issues will be happened when we are moved this file to production environment. So we need to define what are the things are secrets for your application. For some people password , key chains, pem files and some people connection strings , Storage passwords, private keys etc.
In the current world, we can build and deploy Cloud Apps in many ways. we can use
- Web apps
- Cloud Services
- Service Fabric Apps etc.
Regardless of how we build the app , the common challenge that we are facing is secrets and how we are going to keep and manage the secrets of your app.
These are the common issues, that we seen in today’s world
- Bad Guys (Especially the Hackers )
- 80 % of data breaches are caused by silly mistakes by those responsible for managing the secrets.
So these days, we are much using Continues integration , Continues build and Continues deployment.So keeping the secrets in our own head is not a good idea at all and we need to store this data somewhere to perform the automation.
So how we can handle the Secrets ? and what are the best practices the we need to follow?
Best Practices for Managing Secrets for Azure Apps – Part 2