From 3cc43c46c67b78cc924d9e3df335acf93c8d9035 Mon Sep 17 00:00:00 2001 From: Engin Diri Date: Wed, 9 Oct 2024 18:07:43 +0200 Subject: [PATCH] feat: add Why Storing Secrets in Environment Variables is a Bad Idea blog --- .../why-storing-secrets-in-env-vars-is-a-bad-idea/index.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/content/blog/why-storing-secrets-in-env-vars-is-a-bad-idea/index.md b/content/blog/why-storing-secrets-in-env-vars-is-a-bad-idea/index.md index 464dfc903dbb..5bd8ba23616d 100644 --- a/content/blog/why-storing-secrets-in-env-vars-is-a-bad-idea/index.md +++ b/content/blog/why-storing-secrets-in-env-vars-is-a-bad-idea/index.md @@ -160,11 +160,9 @@ With the Pulumi ESC SDK, we can fetch the secrets at runtime when they are neede ## Conclusion -Storing secrets in environment variables is a bad idea. It may be convenient, but it is definitely not secure. Don't -make it easy for attackers to compromise your system: +Storing secrets in environment variables is a bad idea. It may be convenient, but it is definitely not secure. Don't make it easy for attackers to compromise your system: -- Use a secret management system, like [Pulumi ESC](/product/secrets-management/). It provides a secure and compliant way to store and access secrets, - which you will never get with environment variables. +- Use a secret management system, like [Pulumi ESC](/product/secrets-management/). It provides a secure and compliant way to store and access secrets, which you will never get with environment variables. - Fetch secrets only at runtime when they are needed. - Don't expose secrets in logs or process dumps.