I've been having trouble with syncing secrets across our development, staging, and production environments. It seems like different teams are using various methods—some are on Vault, others prefer AWS Secrets Manager, and a few just go with environment variables. I'm curious about how others approach this. Do you think it's better to standardize on one tool, or should teams have the flexibility to choose? Any tips for making this process smoother?
3 Answers
Just a quick note—secrets should never cross the boundary between production and non-production environments. In fact, it's best to treat any platform services running in non-prod as if they were in production, but applications shouldn’t mix those two worlds.
I really believe standardizing on a single vault is essential. It helps avoid confusion and makes managing secrets much easier for everyone. Plus, having consistent tooling that everyone can use is a game changer.
I think it’s important to allow teams some choice in which tool they prefer, as long as they're fully responsible for managing it. It can lead to accountability and better alignment with their specific needs.