Bruno Pedro detailed blog post focusing on secure storage of your API keys in the cloud. Many people store sensitive information in private git repositories. If you do this, please think about it twice.
Storing API Keys, or any other sensitive information, on a git repository is something to be avoided at all costs. Whenever you integrate a third-party application with one of the services like GitHub, GitLab, Bitbucket, you might be opening your private repositories to those third parties.
He then describes how to use various tools to encrypt keys:
- git-remote-gcrypt lets you encrypt a whole git repository
- git-secret is a tool that works on your local machine and encrypts specific files
- git-crypt is a binary executable to encrypt your files
- BlackBox from Stak Overflow supports the encryption of small strings and not just entire files
- Heroku configuration and config vars
- Docker secrets
- AWS Parameter Store
This article will help you become aware of the dangers of storing sensitive information such as API keys and secrets on public and also private git repositories. Click on the link to learn how to mitigate the risks. Great!
[Read More]