II. Topic overview
Reference · livetopic:ci-secrets-management
CI Secrets Management overview
CI Secrets Management as a cross-cutting topic: securely injecting credentials and sensitive configuration into pipeline jobs without exposing them in logs or artifacts. Covers GitHub Actions encrypted secrets and environment protection rules, OIDC-based short-lived token federation (AWS, GCP, Azure), HashiCorp Vault dynamic secrets, secret scanning to prevent accidental commits, and the principle of least privilege for pipeline service accounts.
Attributes
displayName
CI Secrets Management
description
CI Secrets Management as a cross-cutting topic: securely injecting credentials
and sensitive configuration into pipeline jobs without exposing them in logs
or artifacts. Covers GitHub Actions encrypted secrets and environment protection
rules, OIDC-based short-lived token federation (AWS, GCP, Azure), HashiCorp
Vault dynamic secrets, secret scanning to prevent accidental commits, and
the principle of least privilege for pipeline service accounts.
Outgoing edges
applies_to (2)
- domain:devops · Domain · DevOps
- domain:cybersecurity · Domain · Cybersecurity
Incoming edges
contains (2)
- domain:cybersecurity · Domain · Cybersecurity
- domain:devops · Domain · DevOps