Works, but
not ideal.
Use SOPS to encrypt and
store in version control.
1 2 3
fluxcd.io/docs/guides/mozilla-sops/#encrypting-secrets-using-hashicorp-vault
SOPS
2. Commit encrypted secret
to version control.
1. Use encryption key from
Vault to encrypt secret.
2
Slide 3
Slide 3 text
What happens when
you accidentally
commit
a plaintext secret?
3
Slide 4
Slide 4 text
1. Regret
2. Revoke
3. Rotate
4. Reference
5. Replace
6. Re-run
Plan R
AKA Remediation
4