Where to store credentials if not in environment variable?

The docker course mentions to not store sensitive data in an environment variable as other users that have access to the machine may see the sensitive data, such as database passwords, API keys, etc. What’s the alternative to this? Where should we store this data in order for our apps to access it?

Hi,

Using environment variables is a thing. But when they hold sensitive data it may get into the eyes of too many people.

I think in the context of Docker, this is a good read.

Good luck and cheers.

PS: You are given other options there