Sharing secret keys in Docker containers
From a Docker point of view, the secure distribution and traceability of secrets is a core concern in new microservices and containerized environments, where software entities are constantly spawned and deleted. The best solution is to use a key-value store to keep secrets and retrieve them from the container at runtime.
In this talk I will show how to save secret keys in containers in production and best practices for the safe and secure distribution of secrets in Docker containers.
These could be the main talking points:
1. Challenges of security and secret keys in containers
2. Best practices for the safe and secure distribution of secrets in Docker containers
3. Other tools for distributing secrets in containers, like HashiCorp Vault and KeyWhiz
Vault keeps a detailed audit log to keep track of all the secrets and the access and manipulations performed by each user, so it is very easy to trace any suspicious interaction.
KeyWhiz stores secrets encrypted in memory and provides access via a REST API and a command-line interface.
Jose Manuel Ortega
Software engineer & Security Researcher