Securely supplying secrets to an app
WHAT IT TESTS: secrets management hygiene. OUTLINE: never hardcode credentials, inject them as environment variables or pull from a secrets manager, and rotate them. RED FLAG: committing the database URI to source control or baking it into the image.
WHAT IT TESTS: handling credentials safely rather than embedding them. ANSWER OUTLINE: the anti-pattern is hardcoding a connection string in code or committing a config file, which leaks it through git history and the image. The best practice is to inject secrets at runtime as environment variables or, better, fetch them from a dedicated secrets manager such as AWS Secrets Manager or Vault with least-privilege access and rotation. Keep secrets out of the build artifact. RED FLAG: committing the URI to git or baking it into the image.
- #secrets-management
- #security
- #environment-variables
- #vault
- #paas