Hello, in our application, kratos is deployed using helm charts under kubernetes. Currently the environment settings like DSN, which has DB username and password, is passed using k8s secrets. Since the secrets are storing as base64 encoded, it remains less secured, is there any way to pass sensitive environment data securely to kratos? Please share your thoughts.
02/04/2022, 5:53 PM
@User We store our secrets in Hashicorp Vault and deploy Kratos using Terraform (with the helm module) and retrieve the secret in Terraform using the vault module with a vault-token that has limited access policies.
02/04/2022, 7:46 PM
Thanks @User, I will give it a try with key vault and see.