0
0
Dockerdevops~5 mins

Secrets management in Docker - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Recall & Review
beginner
What is secrets management in Docker?
Secrets management in Docker is a way to securely store and manage sensitive data like passwords, API keys, and certificates so they are not exposed in your application code or Docker images.
Click to reveal answer
beginner
How do you create a secret in Docker?
You create a secret in Docker using the command: 
docker secret create <secret_name> <file_with_secret>
This stores the secret securely in the Docker swarm.
Click to reveal answer
intermediate
How can a Docker service access a secret?
When you deploy a Docker service, you can attach secrets to it using the --secret flag. Inside the container, the secret is available as a file in /run/secrets/<secret_name>.
Click to reveal answer
beginner
Why should secrets not be stored in Docker images or environment variables?
Storing secrets in images or environment variables risks exposing them because images can be shared and environment variables can be viewed by other processes or users. Docker secrets keep them encrypted and only available to authorized services.
Click to reveal answer
intermediate
What happens to Docker secrets when a service is removed?
When a Docker service is removed, the secrets attached to it are no longer accessible by that service. Docker manages secrets lifecycle so they are only available to running services that need them.
Click to reveal answer
Which command creates a Docker secret?
Adocker secret create my_secret secret.txt
Bdocker create secret my_secret secret.txt
Cdocker secret add my_secret secret.txt
Ddocker secret new my_secret secret.txt
Where are Docker secrets available inside a container?
A/run/secrets/
B/etc/secrets/
C/var/lib/secrets/
D/usr/local/secrets/
Why is it unsafe to store secrets in environment variables?
AThey are encrypted automatically
BThey can be viewed by other processes or users
CThey are only accessible inside the container
DThey expire after service removal
How do you attach a secret to a Docker service?
ASet the secret as an environment variable
BAdd the secret to the Dockerfile
CMount the secret as a volume
DUse the --secret flag during service creation
What happens to secrets when a Docker service is removed?
ASecrets are deleted from Docker swarm
BSecrets remain accessible to all containers
CSecrets are no longer accessible by that service
DSecrets are stored in environment variables
Explain how Docker secrets help keep sensitive data safe in your applications.
Think about how secrets avoid exposure compared to environment variables or image layers.
You got /4 concepts.
    Describe the steps to create a secret and use it in a Docker service.
    Start from creating the secret file, then how to add it to a service, and finally how the service reads it.
    You got /3 concepts.