Best Practices for Key Management
- No "big secret": Ensure that secrets in your system are not long-term, have a limited blast radius, and are not of high value. Avoid shared secrets, such as using a single password for all administrative users.
- As is / To be: Maintain a clear overview of which users can view or modify the secrets. Often, maintainers of a project can access or extract its secrets. Reduce the number of individuals who can perform administrative tasks to limit exposure.
- Log & Alert: Collect all logs related to secrets and implement rules that detect secret extraction or misuse, whether a secret is read through a web interface or smuggled out of a job through obfuscation such as double base64 encoding or encryption with OpenSSL.
- Rotation: Regularly rotate secrets.
- Forking should not leak: Ensure that a repository fork or copy of job definitions does not inadvertently expose secrets.
- Document: Document the secrets you store and the reasons for their storage to facilitate easy migration when necessary.
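The "Log & Alert" item above, worked through as an added example (not code from the original page): a small rule set that flags CI job log lines where a secret-looking variable is combined with one of the obfuscation tricks the text names, or is simply printed. The variable naming convention, the rule names and the sample log are assumptions constructed for the example.

```python
import re

# Environment variables whose names suggest they hold a secret
# (assumed naming convention, not taken from any particular CI system).
SECRET_REF = re.compile(
    r"\$\{?([A-Z0-9_]*(?:SECRET|TOKEN|PASSWORD|PASSWD|KEY|CREDENTIAL)[A-Z0-9_]*)\}?"
)

# Rule name -> pattern. The first two are the obfuscation methods the text
# names; the third catches a secret being written straight into the job log.
RULES = [
    ("double-base64", re.compile(r"base64\b[^|]*\|\s*base64\b")),
    ("openssl-enc", re.compile(r"\bopenssl\s+(?:enc|aes-[0-9a-z-]+)\b")),
    ("plain-print", re.compile(r"\b(?:echo|printf|cat)\b")),
]


def analyse_line(line):
    """Return a finding dict when a secret-looking variable and a suspicious
    command occur on the same line, otherwise None. Ordinary use of a secret
    (passing it to a deploy tool) produces no finding."""
    secrets = SECRET_REF.findall(line)
    if not secrets:
        return None
    rules = [name for name, pattern in RULES if pattern.search(line)]
    if not rules:
        return None
    return {"line": line, "secrets": secrets, "rules": rules}


def scan(lines):
    """Apply analyse_line to every log line and keep the findings, in order."""
    return [f for f in (analyse_line(line) for line in lines) if f]


# Constructed sample job log; only the last three lines should alert.
SAMPLE_LOG = [
    'job-42: ./deploy.sh --token "$DEPLOY_TOKEN"',
    'job-42: echo "build finished"',
    'job-42: echo "$DEPLOY_TOKEN" | base64 | base64',
    'job-43: openssl enc -aes-256-cbc -pass pass:example <<< "$DB_PASSWORD"',
    'job-44: echo $AWS_SECRET_ACCESS_KEY',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(f"ALERT {finding['rules']} on {finding['secrets']}: {finding['line']}")
```

In practice the same rules can be applied to job definitions at submission time, before the job runs, as well as to the logs afterwards.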