The commoditization of technology has reached its pinnacle with the advent of the recent paradigm of Cloud Computing. Infosys Cloud Computing blog is a platform to exchange thoughts, ideas and opinions with Infosys experts on Cloud Computing

« Managing vendor product licenses during large scale migration to cloud | Main | Artificial Intelligence(AI) In Security Landscape »

Microservices and Secrets management - How to comply with security must-dos

Microservices - The light of every modern developer's life:

Microservices is now becoming the most preferred method for creating distributed and components-based applications on cloud. This architectural style allows developers to develop, deploy, test and integrate modular components with much ease. When an application is built using the microservices model, smaller modular services are created instead of one autonomous monolithic unit. These modular services are then tied down together with the help of HTTP or REST interfaces. But this distributed model results in proliferation of interfaces and the communication between them generates several secrets management challenges. Some application secrets that need to be secured in a microservices deployment model are:

  • Environment variables - If not secured can pose security risk and affect the smooth running of processes.
  • Database credentials - Usernames and strong passwords to connect to a resource.
  • API keys - API keys must be used for restricted access to applications.
  • SSL/TLS certificates - SSL or TLS certificates are essential to avoid data or security breaches.

Secrets management in monolithic applications world:

In a monolithic application, secrets are stored in various places like:

  • Application code and configuration files
  • Passed as environment variables
  • Stored in data bags and databases tables
  • Scripts and machine images
  • Gaps in secrets management in a monolithic model: 

  • Some if the gaps can be summarized as below

    • Secrets sprawl - On several occasions, companies are unaware of being compromised.
    • Decentralized secrets - Secrets become confined to the limited operators with no repository to store them ; If a secret is compromised, it cannot be easily revoked or rotated.
    • Limited auditing - Limited or no insight into who is accessing a secret ; Limited logging makes it difficult to track who has access to confidential data.

      Microservices requires a robust secret management system:

      Microservices brings with it a host of security and secrets management challenges.

      • Each microservices modular has its own database and credentials, thereby increasing the number of secrets to be managed.
      • Several developers & operators and applications have access to the database, thus making certificate management, credential storage, API keys etc. extremely difficult to manage.
      • With automated deployment in Micro Services, there are additional credentials for creation of resources (mostly in cloud), access to code and artifact repository, machine credentials to install components, etc.

      There is a need for centralized secrets management system so that enterprises adopting a microservices model can effectively manage secrets and handle security breaches by adhering to these must-dos:

      • Secure storage of various type of secrets (API Token, Keys, Certificates, username & passwords)
      • Reliable API based access to secrets
      • Dynamic secret distribution for automated encryption and authentication of keys
      • Full Audit of access to secrets.
      • Multi-level role based access to secrets
      • Centralized revocation of secrets and redistribution

      Diagram below illustrates how centralized secret management helps manage a large repository of secrets:

      How to keep your microservices secrets safe without compromising on security and automation?

      • A secrets hierarchy design should account secrets isolation per application, environment and a fail-proof revocation of secrets when required.
      • To further strengthen the secrets structure, access policies and role based mappings need to be built to support emergencies by making them version controlled and automated.

      Let's take a look at some secrets management scenarios and examples:

      • Servers on which microservices needs to be deployed with certificates - On cloud, as the servers come and go, a centralized certificate management system helps generate certificates on the fly, thus allowing immediate deployment to servers. Certificate keyStore and trustStore need to be secured with passwords which can be kept safe and retrieved from a secrets management solution. A PKI secret backend and generic secrets storage comes in handy to automate all of these with minimum risk to security.
      • Microservices and applications need access to their own database or data stores. It makes sense to isolate the database/data access credentials using a generic secrets storage to maintain renewal, rotation and revokes easily as per requirement.
      • When automated environment provisioning needs access to a software installable repository - For example, an Apache server provisioning can be automated with an Apache software installable accessed from a software repository. The repository can be accessed using generic credentials or an API key. A centralized secrets management solution is the right place to store these credentials and achieve automation with no compromise on security.

      In conclusion: to simplify and automate secrets management, solutions are available from Cloud providers like AWS KMS, Azure Key Vault and from specialized security solution like Hashicorp Vault. The paradigm shift with respect to secrets management needs to be understood by enterprises adopting microservices, to ensure that their transformation journey provides the agility as required in the most secure manner possible.


      Crisp and imformative

      Post a comment

      (If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

      Please key in the two words you see in the box to validate your identity as an authentic user and reduce spam.