Update: Secrets Management Cheat Sheet #1530
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes OWASP#1289 Add a new section on secrets management in a multi-cloud environment to the `cheatsheets/Secrets_Management_Cheat_Sheet.md` file. * **Introduction**: Discuss the unique challenges of managing secrets in a multi-cloud environment. * **Challenges**: List the challenges such as diverse APIs, inconsistent security policies, key rotation, access control, and auditing and monitoring. * **Best Practices**: Provide best practices including using a centralized secrets management solution, standardizing security policies, automating key rotation, implementing fine-grained access control, and enabling comprehensive auditing and monitoring. * **References**: Add references to tools and resources like HashiCorp Vault, CyberArk Conjur, AWS Secrets Manager, Azure Key Vault, and Google Cloud Secret Manager. --- For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/OWASP/CheatSheetSeries/issues/1289?shareId=XXXX-XXXX-XXXX-XXXX).
|
@mackowski Are these the expected changes for the above issue? |
szh
reviewed
Nov 4, 2024
|
Looks good for me! |
mackowski
previously approved these changes
Nov 12, 2024
|
@rohitg00 Can you move it higher up in the document? I don't think it should be all the way at the end, certainly not after "Related Cheat Sheets and Further Reading" |
rohitg00
commented
Nov 12, 2024
szh
approved these changes
Nov 12, 2024
mackowski
approved these changes
Nov 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1289
Add a new section on secrets management in a multi-cloud environment to the
cheatsheets/Secrets_Management_Cheat_Sheet.mdfile.