The main difference between the secrets management feature in the open source Docker 1.13.1 update and its counterpart in Docker Datacenter is that the latter has additional access control. McCauley explained that Docker Cluster supports access control for applications that need access to secrets when running in the cluster: “An additional feature of Docker Datacenter is access control for developers and administrators interacting with the system. So you can assign secrets to a specific group, who are then allowed to assign secrets to their own applications.”
Role-based access control in the Docker Datacenter update can also be integrated with existing enterprise identity systems, including Microsoft Active Directory.
However, simply storing secrets securely is not enough to keep them safe, as there is still the potential for them to be leaked through the app. “Apps will be more secure when the secret is not actually stored in the app itself,” McCauley explained.
To address this, Docker encrypts the centralized secrets store in the cluster, and all secrets are transferred to containerized applications over Transport Layer Security (TLS) tunnels. Secrets are exposed to applications only in memory (RAM) and are not written to the application container's own storage.
The idea of having a secrets management tool for applications is not new in principle. Another initiative that provides secrets management is the open source Vault project, which also integrates with the Aqua Container Security Platform 2.0 update released on February 2.
According to McCauley, "Vault has made a good system, but it's not directly integrated into the container management platform. The idea behind Docker is that users want deeply integrated secrets management that can bridge the gap between developer activity and production operations."
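The in-memory delivery described above can be verified from inside a container before an application trusts a secret file. This is an added example, not Docker's code or part of the original post; it assumes the Linux default where swarm secrets appear as files under `/run/secrets`, and the `db_password` name and the sample mount table are constructed.

```python
import os

RAM_FS = {"tmpfs", "ramfs"}  # filesystems that live in memory, not on disk

# Constructed sample of /proc/mounts from inside a container (not real output).
SAMPLE_MOUNTS = """\
overlay / overlay rw,relatime 0 0
tmpfs /dev tmpfs rw,nosuid 0 0
tmpfs /run/secrets/db_password tmpfs ro,relatime 0 0
/dev/sda1 /etc/hosts ext4 rw,relatime 0 0
"""

def _unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as octal escapes.
    for esc, ch in (("\\040", " "), ("\\011", "\t"), ("\\012", "\n"), ("\\134", "\\")):
        field = field.replace(esc, ch)
    return field

def backing_fs(path, mounts_text):
    """Return (mount_point, fstype) of the deepest mount covering `path`."""
    path = os.path.normpath(path)
    best = None
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue  # skip blank or malformed lines
        mnt, fstype = os.path.normpath(_unescape(parts[1])), parts[2]
        covers = mnt == "/" or path == mnt or path.startswith(mnt + "/")
        # A later entry shadows an earlier one at the same mount point, hence >=.
        if covers and (best is None or len(mnt) >= len(best[0])):
            best = (mnt, fstype)
    return best

def read_secret(name, secrets_dir="/run/secrets", mounts_text=None):
    """Read a secret file, refusing any path that is backed by disk storage."""
    if os.sep in name or name in ("", ".", ".."):
        raise ValueError("invalid secret name")
    path = os.path.join(secrets_dir, name)
    if mounts_text is None:
        with open("/proc/mounts") as f:
            mounts_text = f.read()
    found = backing_fs(path, mounts_text)
    if found is None or found[1] not in RAM_FS:
        raise RuntimeError(f"{path} is not on an in-memory filesystem: {found}")
    with open(path, "rb") as f:
        return f.read().rstrip(b"\n")
```

A secret baked into the image or written to the container's writable layer resolves to the `overlay` root mount and is rejected, which is the leak path the in-memory design is meant to close.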
Seal
Main difference between the secrets