Blog Posts for: Secrets

ASP.NET Core: No more worries about checking in secrets

30 May 2016

A number of articles have been written about the new Configuration model in ASP.NET Core, but one of the things which does not seem to be highlighted quite often, is how it can protect you from accidently checking secrets (such as connection string passwords or OAuth keys) into source control. The have been various cases in the media over the past number of years where people have ended up on the wrong side of an Amazon Web Services bill after an unscrupulous operator have managed to get a hold of their AWS keys and used it to create EC2 instances.