---
menu: learn
title: Secrets
weight: 80
aliases: /secrets/
---

:toc:
:_content-type: ASSEMBLY
include::modules/comm-attributes.adoc[]

= Secrets

[id="secret-management"]
== Secret Management

One area that has been impacted by a more automated approach to security is in the secret management. DevOps (and DevSecOps) environments require the use of many different services:

. Code repositories
. GitOps tools
. Image repositories
. Build pipelines

All of these services require credentials. (Or should do!) And keeping those credentials secret is very important. E.g. pushing your credentials to your personal GitHub/GitLab repository is not a secure solution.

While using a file based secret management can work if done correctly, most organizations opt for a more enterprise solution using a secret management product or project. The Cloud Native Computing Foundation (CNCF) has many such https://radar.cncf.io/2021-02-secrets-management[projects]. The Validated Patterns project has started with https://github.com/hashicorp/vault[Hashicorp Vault] secret management product but we look forward to other project contributions.