Pre-require software are consul, vault and terraform
Many time use different strategies to implement keys security. Most common mistake is to store keys in configuration files such as dockerfile, terraform or any such configuration file. What if developer will store keys openly? The answer is simple use vault to store keys. There is a one problem that is vault in cloud so that application will access around the world. Otherwise developer use Padd-key or content_key.
- Salt Password 🍷
- Pepper Password 📡
- Salt and Pepper Password 🍷
- Secret Shamir Shared Key 📡
Make a directory name it 'consul/data' inside consul.d directory.
Type Ctrl+Shift+T (new terminal) & type following command
[:computer] $ consul agent -dev -enable-script-checks -node=epilson -config-dir=./consul.d
Make a directory named 'vault/data' inside vault directory.
Type Ctrl+Shift+T (new terminal) & type following command
[:computer:] $ vault server -config=vault/config.hcl
Type Ctrl+Shift+T (new terminal) & type following command
[:web] $ export VAULT_ADDR='http://127.0.0.1:8200'
https://learn.hashicorp.com/tutorials/vault/getting-started-deploy
Enable key value secret engine
[:smile:] $ vault secrets enable kv
[:plant:] $ vault kv put kv/consul/config/ hello=world
[:eye:] $ vault kv get kv/consul/config/ hello
More information please vault documentation. However I'm not a contributor of vault or any hashicorp. Perhaps vault will be better solution for keys protection.
$ consul keygen | tee encryption.key
$ vault kv put kv/consul/config/encryption key=$(encryption.key) ttl=1hr
wizdwarfs@gmail.com or follow discord @
https://discord.com/channels/960060161060401172/960060161060401175
37czsff3CcGvhkkJAwykQgQ2ninWum1DNL