SpringOne Platform 2017
Peter Blum, Pivotal; Scott Frederick, Pivotal
From the platform all the way down to the microservices which run upon it, secrets are everywhere and leaking them can be a costly experience. Understanding security best practices, such as encrypting secrets while in transit; encrypting secrets at rest; rotating secrets regularly; preventing secrets from unintentionally leaking when consumed by the final application; and strictly adhering to the principle of least-privilege, where an application only has access to the secrets that it needs—no more, no less.....can be daunting. A new Cloud Foundry Foundation project, CredHub, was designed for these reasons. This session will take a fresh look at how to enhance security within Cloud Foundry and applications through secret management by utilizing CredHub in conjunction with Spring Cloud Services.