dirtydozen – Sensitive config

dirtydozen

III. Sensitive config

Don’t share it with everyone

Modern applications are built on the basis of small (distinct) components (microservices) interconnected with each other either at Networking (REST, RPC) level or Code Dependency (Nuget, npm) level. Often these dependencies will require some sort of authentication (who you are) as well as authorisation (what can you do) performed in order to consume these.

Programmatically, this is achieved by identifying yourself as a Client, sometimes this information is also associated with Key and in some cases also a Secret.

These pieces of information are normally stored in configuration files where JSON format being predominant choice in most cases, as per examples below.

{
    "azure": {
        "kv_client": "123456",
        "kv_key": "abcdef",
        "kv_secret": "009988"
    }
}

Read more on dirtydozen

Browse to https://qbituniverse.github.io/dirtydozen/sensitive-config/ to carry on reading about Sensitive config

Marcin Narloch

Marcin Narloch

Creative and out-of-the-box thinker with strong interests and knowledge in technology and innovation.
dirtydozen Previous post dirtydozen – One-trick-pony variables
dirtydozen Next post dirtydozen – Over configuration

Leave a Reply

Your email address will not be published. Required fields are marked *