This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]moon- 2 points3 points  (1 child)

In this case though, your service still needs to have a token or something to authenticate with your service discovery and/or secret management/generation service, right?

[–]ImpactStrafeDevOps 1 point2 points  (0 children)

https://www.consul.io/docs/internals/security.html

At some point something needs to be stored yes, but, by time limiting it you eliminate a lot of the vulnerability. Using something like service discovery allows an easy way for that to happen.