Talk Python To Me - Python Conversations For Passionate Developers

#418: How To Keep A Secret in Python Apps

Information:

Synopsis

Think about the different APIs and databases your application works with. Every one of them requires either an API key or a database connection string that itself contains a password. How do you let your application access this sensitive information without storing it in source code or putting it in other compromising locations? We have Glyph Lefkowitz on the show to share his security fable as well as just good advice for keeping secrets out of Python code.

Links from the show

Glyph on Mastodon: @glyph@mastodon.social
ShhGit: github.com
Encrust: github.com
GitHub Security Alerts: github.com
CIA Triad: fortinet.com
pinpal: github.com
XKCD Authorization: xkcd.com
Tokenring: github.com
AWS Vault: github.com
Gimme-AWS-creds: github.com
Secrets in GitHub Actions: github.com
Python Client for HashiCorp Vault: python-hvac.org
Pomodouroboros app: github.com
DateType: pypi.org
Haveibeenpwned: haveibeenpwned.com
PEP 541: peps.python.org
Glyph's security talk at PyCon: us.pycon.org
Watch this episode on YouTube: youtube