Docker Community Forums

Share and learn in the Docker community.

Are environment variables secure on Docker Cloud?


(Sgerace) #1

I’m assuming since many docker images utilize environment variables, and the official docs suggest that they are the proper place for encryption keys:

Docker lets you externalize configuration - storing data such as encryption keys or external resource addresses in environment variables. Docker Cloud makes it easy to define, share, and update the environment variables of your services.

that Docker Cloud stores the environment variables defined for a stack or service (and along the same lines, ones defined in a Stackfile) in a secure manner.

Can you please confirm that environment variables and Stackfiles are stored and transmitted securely within the Docker Cloud system and that this is the best practice for providing sensitive information, like encryption keys, to containers?


Stackfile versioning and environment variable management
(Vidsy.co (Charlie)) #2

+1

Would really like I secure config store instead to be honest. Similar to http://kontena.io

@revett