Conversation

sergiomarotco
Contributor

@sergiomarotco sergiomarotco commented Jun 12, 2025

Adding segmentation scheme for Secret Management System.

Secrets_Management_Cheat_Sheet_Vault_scheme drawio

@sergiomarotco
Contributor Author

@jmanico hi! 😅

jmanico
jmanico previously approved these changes Jun 12, 2025
@sergiomarotco
Contributor Author

@kwwall need approval

kwwall
kwwall previously approved these changes Jun 17, 2025
Collaborator

@kwwall kwwall left a comment

My only comment is that I think the Middleware component is optional. There are lots of examples where some front-end application server uses a back-end key service like HashiCorp Vault or AWS KMS to retrieve something like a DB password, and there is no middleware service layer at all. I would advise either adding some explanation around that or minimally denoting it as an optional layer. Otherwise, LGTM.

@sergiomarotco
Contributor Author

> My only comment is that I think the Middleware component is optional. There are lots of examples where some front-end application server uses a back-end key service like HashiCorp Vault or AWS KMS to retrieve something like a DB password, and there is no middleware service layer at all. I would advise either adding some explanation around that or minimally denoting it as an optional layer. Otherwise, LGTM.

We should publish best practices, right?
Using HashiCorp Vault as an example:

  • FRONTWARE - NginX/Apache or API Management/Security software for balancing for first
  • MIDDLEWARE - Vault server;
  • BACKEND - Consul Server.

@sergiomarotco
Contributor Author

@szh

Collaborator

@szh szh left a comment

I've held off on reviewing this because my opinion is that it needs more explanation. We should assume that a reader of the secrets management cheat sheet is an app developer who has limited understanding of network segmentation. I feel that this text is a bit too advanced for such a reader, and the diagram needs more explanation.

@szh szh linked an issue Jun 17, 2025 that may be closed by this pull request
Co-authored-by: Shlomo Zalman Heigh <shlomozalmanheigh@gmail.com>
@sergiomarotco sergiomarotco dismissed stale reviews from kwwall and jmanico via 67afaa7 June 17, 2025 15:42
@kwwall
Collaborator

kwwall commented Jun 17, 2025

> We should publish best practices, right? Using HashiCorp Vault as an example:
>
>   • FRONTWARE - NginX/Apache or API Management/Security software for balancing for first
>   • MIDDLEWARE - Vault server;
>   • BACKEND - Consul Server.

Well, except in that case, HashiCorp Consul is the component that's optional. That's especially true in lower-risk and/or smaller operations. I've seen plenty of places where Vault is used alone, without Consul. Also, "best practices" generally implies more than simply choosing the most secure solution. It may not even be that the "most secure" solution is a "best practice" if a basic working assumption is "assume breach", as adding Consul expands the potential attack surface and likely increases the operational security costs substantially. Cost-benefit exercises are one side of the risk analysis that you have to do to truly know if what you are intending to deploy is the best solution. (If you can't tell, I'm one of those annoying people who don't believe that "best practices" is a one-size-fits-all solution.)

@sergiomarotco sergiomarotco requested a review from szh June 26, 2025 15:23
Successfully merging this pull request may close these issues.

Update: [Secrets_Management_Cheat_Sheet_Vault]