Commit 1972de01 authored by Nick Gaskill's avatar Nick Gaskill

Merge branch 'vault-security' into 'master'

Add docs for Vault Managed App Security Risk

See merge request gitlab-org/gitlab!44297
parents 25a6603d 682fdb77
......@@ -1108,7 +1108,10 @@ used in your applications, GitLab CI/CD jobs, and more. It could also serve as a
providing SSL/TLS certificates to systems and deployments in your infrastructure. Leveraging
Vault as a single source for all these credentials allows greater security by having
a single source of access, control, and auditability around all your sensitive
credentials and certificates.
credentials and certificates. This feature requires giving GitLab the highest level of access and
control. Therefore, if GitLab is compromised, the security of this Vault instance is as well. To
avoid this security risk, GitLab recommends using your own HashiCorp Vault to leverage
[external secrets with CI](../../ci/secrets/index.md).
To install Vault, enable it in the `.gitlab/managed-apps/config.yaml` file:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment