Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RA2 Ch05] Secrets management #995

Closed
tomkivlin opened this issue Jan 30, 2020 · 2 comments
Closed

[RA2 Ch05] Secrets management #995

tomkivlin opened this issue Jan 30, 2020 · 2 comments
Labels
Backlog
Projects
old-RA2

Comments

@tomkivlin
Copy link
Collaborator

From deep dive in Prague:
Secrets Mgmt
Do we really need to test for hardcoded passwords? (yes)
Is this for accessing the cluster or app-level?
@rabi-abdel rabi-abdel added this to To do in old-RA2 via automation Feb 6, 2020
@rabi-abdel rabi-abdel added RA 2 and removed RA 2 Ops labels Feb 6, 2020
@tomkivlin tomkivlin moved this from To do to Backlog in old-RA2 Feb 7, 2020
@rabi-abdel rabi-abdel modified the milestones: M3 (Freeze Contributions), Backlog Feb 25, 2020
@rabi-abdel rabi-abdel removed this from the Backlog milestone May 15, 2020
@karinesevilla karinesevilla added Kali Release Name for 1h2021 and removed Backlog labels Mar 25, 2021
@project-bot project-bot bot moved this from Backlog to To do in old-RA2 Mar 25, 2021
@karinesevilla
Copy link
Collaborator

Rewrite Chapter 5 section 5.12 for secrets management to be more prescriptive

@karinesevilla karinesevilla changed the title [RA2] Ch6 - secrets [RA2 Ch05] - secrets Mar 25, 2021
@karinesevilla karinesevilla changed the title [RA2 Ch05] - secrets [RA2 Ch05] Secrets Mar 25, 2021
@karinesevilla karinesevilla changed the title [RA2 Ch05] Secrets [RA2 Ch05] Secrets management Mar 25, 2021
@rgstori rgstori moved this from To do to Backlog in old-RA2 Jun 22, 2021
@rgstori rgstori added Backlog and removed Kali Release Name for 1h2021 labels Jun 22, 2021
@rgstori rgstori removed this from the Kali - M2 - Scope Freeze milestone Jun 22, 2021
@karinesevilla
Copy link
Collaborator

karinesevilla commented Jan 20, 2022
edited

Secrets Management section (5.12) has been expanded in chapter 5 (https://github.com/cntt-n/CNTT/blob/master/doc/ref_arch/kubernetes/chapters/chapter05.md#512--secrets-management).
It addresses hard coded passwords:
"It is also important to implement the following:
Check there are no hard-coded passwords, keys, and other sensitive items in the container application.
Where possible use security tools to automate scanning for hard-coded passwords, keys, and other sensitive items in the container application"
@rgstori This issue can be closed

@rgstori rgstori closed this as completed Jan 23, 2023
old-RA2 automation moved this from Backlog to Done Jan 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Backlog
Projects
No open projects
old-RA2
  
Done
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rgstori @rabi-abdel @karinesevilla @tomkivlin