[英]Google Cloud Secrets - Reusing a secret
I am using Google Cloud Secrets in a NodeJS Project.我在 NodeJS 项目中使用 Google Cloud Secrets。 I am moving away from using preset environment variables and trying to find out the best practice to store and reuse secrets.我不再使用预设的环境变量,而是试图找出存储和重用机密的最佳实践。
The 3 main routes I've found to use secrets are:我发现使用秘密的 3 条主要途径是:
Google's own best practice documentation mentions 2 conflicting things:谷歌自己的最佳实践文档提到了 2 个相互矛盾的事情:
My questions are:我的问题是:
The best practice is to load one time the secret (at startup, or the first time is it accessed) to optimize performances and prevent API call latency.最佳实践是加载一次密钥(在启动时,或第一次访问)以优化性能并防止 API 调用延迟。 And yes, the access secret quotas is impacted on each access.是的,访问秘密配额会影响每次访问。
If a debugger tool is connected to the environment, Variables and Env Var data can be compromised.如果调试器工具连接到环境,变量和环境变量数据可能会受到损害。 The threat is roughly the same.威胁大致相同。 Be sure to secure correctly the environment.确保正确保护环境。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.