PKI Blog

DevOps: How to Securely Spin Up Containers using CMS, Puppet, and Ansible

Posted by Jake Adkins on Aug 13, 2018 4:05:25 PM

Automating container deployment has many benefits, but those benefits do not come without complications. DevOps practices have made hard-coding credentials into cloud-init scripts common, and this poses major security risks. Moreover, what if you need to get a certificate onto one of these instances? Do you save it into an image or configuration file? This poses an even greater risk, as an adversary now has access to an exportable private key. Using tools like Puppet or Ansible together with our Certificate Management System (CMS) platform, we can mitigate these risks and request a certificate uniquely for each container or virtual machine at the time of its creation. This post will demonstrate this concept in the context of Microsoft Azure VMs.

Topics: DevOps, Certificate Management System (CMS), Puppet, Ansible
