Secrets Management
When dealing with sensitive information (e.g., passwords, encryption keys, etc.), it is important to ensure that this information is not exposed directly in the configuration (YAML) files.
Using Environment Variables
The recommended way to handle sensitive information is to use environment variables. This allows you to keep sensitive information out of the configuration files and instead reference them in the configuration. We can use the !env tag to reference environment variables in the YAML configuration.
Example
sensitive_info:
  password: !env MY_PASSWORD
In this example, the password key will be populated with the value of the MY_PASSWORD environment variable.
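To enforce this convention before a configuration file is committed, a check can flag sensitive-looking keys whose value is a literal instead of an !env reference. The following is an added example, not code from the project: the key-name pattern and the sample configuration are assumptions constructed for illustration, and the line-based matching covers block-style YAML only.

```python
import re

# Key names treated as sensitive (an assumption for this example; extend as needed).
SENSITIVE = re.compile(r"(pass(word|wd)?|secret|token|api[_-]?key|private[_-]?key)", re.I)
# One "key: value" line of block-style YAML, with an optional trailing comment.
ENTRY = re.compile(r"^\s*(?:-\s+)?(?P<key>[\w.-]+)\s*:\s*(?P<value>.*?)\s*(?:\s#.*)?$")
# The only accepted form for a sensitive value: the !env tag plus a variable name.
ENV_REF = re.compile(r"!env\s+[A-Za-z_][A-Za-z0-9_]*")


def find_literal_secrets(yaml_text):
    """Return (line_number, key) for sensitive keys not using '!env NAME'."""
    findings = []
    for number, line in enumerate(yaml_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # whole-line comment
        match = ENTRY.match(line)
        if not match or not SENSITIVE.search(match["key"]):
            continue
        value = match["value"]
        # An empty value holds no literal (nested mapping or null).
        # A bare "!env" with no variable name is reported as a misconfiguration.
        if value == "" or ENV_REF.fullmatch(value):
            continue
        findings.append((number, match["key"]))
    return findings


# Constructed sample configuration (not from a real deployment).
SAMPLE = """\
sensitive_info:
  password: !env MY_PASSWORD
database:
  user: app
  db_password: "hunter2"   # literal value
  api_key: !env
# password: commented-out
tokens:
  - name: ci
    token: abc123
"""

if __name__ == "__main__":
    for number, key in find_literal_secrets(SAMPLE):
        print(f"line {number}: '{key}' should reference an environment variable via !env")
```
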