Azure 最佳实践
[英]Azure best practice
问题描述
What is the best practice with windows Azure key vault. 
Windows Azure Key Vault 的最佳实践是什么。 Is it a good practice to extract keys within the application every time we make use of it or it is good to set them in the OS environment variable.每次我们使用它时在应用程序中提取密钥是一个好习惯还是在操作系统环境变量中设置它们是好的。
2 个解决方案
解决方案1
0 2021-10-18 18:20:30
It depends on what key.这取决于什么键。 You should not be extracting master key, but the associated data keys to encrypt and decrypt.您不应该提取主密钥,而是提取相关的数据密钥来加密和解密。
解决方案2
0 2021-10-18 20:28:05
There is no hard-fast rule here but you should consider the rotation of keys.这里没有硬性规定,但您应该考虑密钥的轮换。 If you need the keys to be rotated often you should consider pulling from Key Vault every time.如果您需要经常轮换密钥,则应考虑每次都从 Key Vault 中拉出。
There are other times in makes more sense to pull once and cache locally.在其他时候,拉一次并在本地缓存更有意义。 This could include your network latency being an issue so it's more cost-effective to pull once then cache.这可能包括您的网络延迟是一个问题,因此拉一次然后缓存更具成本效益。 In this scenario, you will need some mechanism in place to force a new pull if/when the key is rotated.在这种情况下,如果/当钥匙旋转时,您将需要一些机制来强制进行新的拉动。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.