Handling Secrets
How do you send an SMS when users click a button?
You find a JavaScript library that talks to an SMS provider. Configure your API keys, call the library, user gets an SMS. Yay!
3 months later you wake up to a $5,000 bill. Someone looked at your JavaScript code, took the API keys, and ran a spam campaign.
Orchestrating 3rd party services is where cloud functions shine. The perfect environment for glue code.
Isolated code that does one thing with no cruft. Runs on-demand, consumes no resources when not in use, scales near infinitely. Perfection.
And it runs on a server where users can't see the code. There's no right-click inspect, no JavaScript files downloaded, no user environment at all.
😍
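An added example, not code from the original page: a cloud function that sits between the button and the SMS provider, so the API key lives only in the function's environment and never ships to the browser. The SMS_API_KEY variable name, the sms.example.invalid endpoint, the event shape and the function names are all assumptions made for illustration.

```javascript
// Cloud function: the only place the SMS provider key exists.
// Assumptions (not from the original page): the SMS_API_KEY variable name,
// the placeholder provider URL, the event shape, and the function names.
const PROVIDER_URL = "https://sms.example.invalid/v1/messages";

// Build the outbound provider request. Returns { error } for bad input or
// missing configuration, so the handler never calls out half-configured.
function buildProviderRequest(event, env) {
  const apiKey = env.SMS_API_KEY;
  if (!apiKey) return { error: { statusCode: 500, body: "server misconfigured" } };

  let payload;
  try {
    payload = JSON.parse(event.body || "");
  } catch {
    return { error: { statusCode: 400, body: "invalid JSON" } };
  }
  // Accept only an E.164-style number. The message text is fixed server-side,
  // so callers cannot choose what gets sent on your bill.
  const to = payload && payload.to;
  if (typeof to !== "string" || !/^\+[1-9]\d{7,14}$/.test(to)) {
    return { error: { statusCode: 400, body: "invalid phone number" } };
  }
  return {
    url: PROVIDER_URL,
    options: {
      method: "POST",
      headers: { Authorization: `Bearer ${apiKey}`, "Content-Type": "application/json" },
      body: JSON.stringify({ to, text: "Thanks for clicking the button!" }),
    },
  };
}

// Entry point. `send` defaults to fetch (Node 18+) and is injectable for tests.
async function handler(event, env = process.env, send = fetch) {
  const req = buildProviderRequest(event, env);
  if (req.error) return req.error;
  const res = await send(req.url, req.options);
  // Return only a status to the browser, never the provider response or the key.
  return res.ok
    ? { statusCode: 200, body: "sent" }
    : { statusCode: 502, body: "provider error" };
}
```

The browser side is then a plain POST of the phone number to the function's URL, with nothing secret in the page source.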
What is a secret
A secret is any piece of information you can't share. Any key with access to a special resource. Passwords and API tokens, for example.
You can add semi-secret configuration variables to that list. URLs for parts of your system, ports of a database server, kinda-hardcoded data, etc.
How secretive you have to be depends on context.
Configuration variables are okay to leak, if the system is otherwise secure. But they can give an attacker information about your system.
Production passwords for sensitive health information ... you don't even want your engineers to know those. Especially not former engineers.
3 ways to handle secrets
There are 3 ways to handle secrets, from least to most secure:
- Hardcoded values
- Dotenv files
- Secrets manager
Each method comes with different pros and cons. Pros in terms of security, cons in how cumbersome it is to use.