Nobita
Reputation: 708
Securing/Encrypting the sensitive environment variables
I'm using an env file which contains sensitive information for docker creation.
But the thing is they are not secure. They can be easily viewed via docker inspect, and hence they are available to any user that can run docker commands.
I'm looking for a way in which I can secure these values from the outside users, without using docker swarm.
Is there a way to achieve this?
Upvotes: 3
Views: 1523
Answers (1)
Alejandro Galera
Reputation: 3691
For variables needed in built-time (image creation):
- ARG: --build-arg
For env variables needed when container starts:
- --env-file: It lets you nobody can see your variables doing
historyinspecting your cli command. - Use docker secrets: possible in swarm, docker enterprise. (docker swarm secrets)
Upvotes: 2
Related Questions
- How to pass environment variable to docker-compose up
- How to acces env variable with dockerfile
- Pass ENV variables specified in shell from docker-compose to Dockerfile
- docker-compose Equivalent to Docker Build --secret Argument
- Hiding sensitive information with Docker Compose
- docker-compose environment variables inside container
- Dockerfile: create ENV variable that a USER can see?
- Defining ENV variables in a Dockerfile that is used in a docker-compose file
- Use Docker environment variables for credentials
- Storing secret env variables as separate data container in Docker