![]() Having worked with multiple Azure customers who have faced these challenges, I decided to address this whitespace by building a solution to tackle this specific area. ![]() Not only are these solutions insufficient in addressing a multitude of services organizations use in the cloud, they also do not address the “update dependent applications” part of the problem at all. Unfortunately, this is often not enough to ease the tasks associated with managing this problem space. As the number of such services and custom applications that rely on them grows, IT administrators are often left to their own devices to figure out how to manage periodic rotation of the multitude of secrets as well as how to update their dependent applications when such change is made.Īzure offers some automation to help solve a portion of these problems, specifically automated storage account rotation by Key Vault and general guidance on how to use automation to solve these types of problems for other services. More and more workloads take advantage of a multitude of PaaS services, many of which utilize different access control schemes. As more enterprises move their workloads to the cloud, the need for adherence to these policies becomes more apparent. These secrets can range from specific identify passwords to service access keys. Many organizations have long standing security mandates to rotate application secrets.
0 Comments
Leave a Reply. |