Episode 99. SHHH! It's a secret! (Storing API Keys / Passwords / tokens!)

Ok, so is time to talk about something secretive! Like API Passwords, Auth tokens, or keys... these are things that we want to have as a Secret within our microservice. And yeah, adding them into your source code is a big no-no Here we cover the dos (and dont's) of secret management, what are the benefits and drawbacks of the different solutions and we explore some of our favorite open source (and Cloud tools) for keeping secrets. We answer some important questions on how to effectively store and manage these secrets (the short answer is don't try to do it yourself!), and end up with the list of best practices for it. If you are building a non-trivial (or interesting) web service, this is a must-listen episode! http://www.javapubhouse.com/datadog We thank DataDogHQ for sponsoring this podcast episode Don't forget to SUBSCRIBE to our cool NewsCast OffHeap! http://www.javaoffheap.com/ Language Features Using AWS Secrets Manager to manage secrets in Spring Boot https://raymondhlee.wordpress.com/2019/10/11/using-aws-secrets-manager-to-manage-secrets-in-spring-boot-applications/ AWS Secrets Manager https://aws.amazon.com/secrets-manager/ Spring Cloud AWS https://cloud.spring.io/spring-cloud-aws/reference/html/ Hashicorp Vault https://www.vaultproject.io/ Do you like the episodes? Want more? Help us out! Buy us a beer! https://www.javapubhouse.com/beer And Follow us! https://www.twitter.com/javapubhouse  

Om Podcasten

This podcast talks about how to program in Java; not your tipical system.out.println("Hello world"), but more like real issues, such as O/R setups, threading, getting certain components on the screen or troubleshooting tips and tricks in general. The format is as a podcast so that you can subscribe to it, and then take it with you and listen to it on your way to work (or on your way home), and learn a little bit more (or reinforce what you knew) from it.