The password encryption in application.yml file on the cloudProxy
The application.yml, we have four entries for the proxy settings:
Is it possible to have some kind of encryption on the password? The security group will not be comfortable with the password being stored in clear text in the config file.
Release : SAAS
Component : CLOUD PROXY EXTENSION
According to the DEV/Product Management team, currently, the password encryption in application.yml file on the cloudProxy is not supported. At the moment, the DEV/Product Management team cannot take up this as an enhancement request.
The DEV/Product Management team has following suggestions on security.
Access rights should be set such that the config file is not visible/readable to/by other than trusted users.
File system encryption could also be considered as an additional mean to increase security.
We'd recommend the file security to be handled in line with the internal policies on your side.