Hello all,
This relates to that never-ending question of securing the credentials in production/staging envs.
I am wondering if anyone would like to comment / share their thoughts about the following approach we are thinking of taking.
Here we go:
During build phase, an encryption key is generated and credentials are encrypted with it.
On the deployment end, during the instantiation, the credentials are decrypted using the provided key, and the credentials are loaded into memory. At this point all of the initial files are destroyed. The binary now generates a new encryption key and re-encrypts the credentials, both of which are kept in memory. Newly encrypted credentials along with the key are only dumped onto a filesystem if the application panics and needs to be restarted, at which point the same cycle of key rotation and decryption/encryption happens again.
Do you think there is any security benefit to this approach?
There was a similar, now-closed discussion:
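The cycle described in the post above, as an added Go example that is not part of the original post; AES-256-GCM, the `Dump` layout and the function names are assumptions. It makes one property of the design concrete: `Restart` takes nothing but the dumped key and ciphertext, so whoever can read that dump can recover the credentials, and the file is protected only by filesystem permissions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

type Dump struct{ Key, Blob []byte } // constructed dump layout: key stored beside ciphertext

func aead(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// Seal encrypts plain under a fresh random AES-256-GCM key; Blob is nonce || ciphertext.
func Seal(plain []byte) (d Dump, err error) {
	buf := make([]byte, 32+12) // 32-byte key, 12-byte nonce
	if _, err = rand.Read(buf); err != nil {
		return d, err
	}
	a, err := aead(buf[:32])
	if err != nil {
		return d, err
	}
	return Dump{buf[:32:32], a.Seal(buf[32:], buf[32:], plain, nil)}, nil
}

// Restart is the post's cycle: the dump alone (no other secret) yields plain, then rotates.
func Restart(d Dump) (plain []byte, next Dump, err error) {
	a, err := aead(d.Key)
	if err != nil || len(d.Blob) < 12 {
		return nil, next, fmt.Errorf("unusable dump: %v", err)
	}
	if plain, err = a.Open(nil, d.Blob[:12], d.Blob[12:], nil); err != nil {
		return nil, next, err
	}
	next, err = Seal(plain)
	return plain, next, err
}

func main() {
	build, _ := Seal([]byte("db_password=constructed-example")) // build phase
	plain, _, err := Restart(build)                             // instantiation
	fmt.Printf("%s %v\n", plain, err)
}
```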