How To Keep A Secret in Python Apps
Episode #418, published Fri, Jun 2, 2023, recorded Wed, May 24, 2023
Think about the different APIs and databases your application works with. Every one of them requires either an API key or a database connection string that itself contains a password. How do you let your application access this sensitive information without storing it in source code or putting it in other compromising locations? We have Glyph Lefkowitz on the show to share his security fable as well as just good advice for keeping secrets out of Python code.
Links from the show
Glyph on Mastodon: @glyph@mastodon.social
ShhGit: github.com
Encrust: github.com
GitHub Security Alerts: github.com
CIA Triad: fortinet.com
pinpal: github.com
XKCD Authorization: xkcd.com
Tokenring: github.com
AWS Vault: github.com
Gimme-AWS-creds: github.com
Secrets in GitHub Actions: github.com
Python Client for HashiCorp Vault: python-hvac.org
Pomodouroboros app: github.com
DateType: pypi.org
Haveibeenpwned: haveibeenpwned.com
PEP 541: peps.python.org
Glyph's security talk at PyCon: us.pycon.org
Watch this episode on YouTube: youtube.com
Episode transcripts: talkpython.fm
--- Stay in touch with us ---
Subscribe to us on YouTube: youtube.com
Follow Talk Python on Mastodon: talkpython
Follow Michael on Mastodon: mkennedy