Production secret management at Airbnb
- Airbnb built an internal tool Bagpiper which is a collection of tools and framework components that it uses for the management of production secret assets.
- They designed it to decouple secret management from other app configuration as Airbnb scaled, and to ensure a least-privileged access pattern, encryption of secrets at rest, support for applications across several languages and environments, and management of secrets for periodic rotation.
- Bagpiper creates segmented access by asymmetrically encrypting secrets with service-specific keys: a secret is encrypted with each of the public keys on a per-secret keychain, and only services holding the corresponding private keys can decrypt it. Secrets are encrypted at rest and decrypted only at the point of use.
- Engineers can add, remove and rotate secrets, and make them available to select production systems. Secrets and changes to code are typically deployed together.
- Secrets are rotated continuously, using secret annotations that specify when a secret was created/last rotated and when to rotate it again.
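The per-secret keychain from the third bullet and the rotation annotations from the last one, worked through in Go. This is an added example, not Bagpiper's code, and it assumes RSA-OAEP as the asymmetric scheme, its own field names (Keychain, Ciphertexts, CreatedAt, RotateAfter) and a constructed sample secret; the summary does not say which algorithm or schema Airbnb uses. It encrypts the secret value directly under each public key, which caps the value at the OAEP size limit of the key; a real system holding larger payloads would wrap a data key instead.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"time"
)

// ServiceKey is one service's key pair. In this constructed example all private keys live in one process; in production only the owning service holds its own.
type ServiceKey struct {
	Name string
	Priv *rsa.PrivateKey
}

// EncryptedSecret is a secret at rest: one RSA-OAEP ciphertext per keychain public key plus rotation annotations (field names are assumptions).
type EncryptedSecret struct {
	Name        string
	Keychain    map[string]*rsa.PublicKey // service name -> public key allowed to read the secret
	Ciphertexts map[string][]byte         // service name -> secret encrypted under that public key
	CreatedAt   time.Time                 // when the current value was created or last rotated
	RotateAfter time.Duration             // how long a value may live before rotation is due
}

// NewServiceKey generates a 2048-bit RSA key pair for a service.
func NewServiceKey(name string) (*ServiceKey, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &ServiceKey{Name: name, Priv: priv}, nil
}

// KeychainOf lists the public keys of the services that may read a secret.
func KeychainOf(services ...*ServiceKey) map[string]*rsa.PublicKey {
	kc := make(map[string]*rsa.PublicKey, len(services))
	for _, svc := range services {
		kc[svc.Name] = &svc.Priv.PublicKey
	}
	return kc
}

// Encrypt seals plaintext once under every public key on the keychain. The secret
// name is the OAEP label, so a ciphertext cannot be re-used for a different secret.
func Encrypt(name string, plaintext []byte, keychain map[string]*rsa.PublicKey, createdAt time.Time, rotateAfter time.Duration) (*EncryptedSecret, error) {
	s := &EncryptedSecret{Name: name, Keychain: keychain, Ciphertexts: map[string][]byte{},
		CreatedAt: createdAt, RotateAfter: rotateAfter}
	for svc, pub := range keychain {
		ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, plaintext, []byte(name))
		if err != nil {
			return nil, fmt.Errorf("encrypting %q for %q: %w", name, svc, err)
		}
		s.Ciphertexts[svc] = ct
	}
	return s, nil
}

// Decrypt is the use-time path: a service opens its own slot with its private key. A service that is not on the keychain has no slot and gets an error, never the secret.
func Decrypt(s *EncryptedSecret, svc *ServiceKey) ([]byte, error) {
	ct, ok := s.Ciphertexts[svc.Name]
	if !ok {
		return nil, fmt.Errorf("service %q is not on the keychain for secret %q", svc.Name, s.Name)
	}
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, svc.Priv, ct, []byte(s.Name))
	if err != nil {
		return nil, fmt.Errorf("decrypting %q for %q: %w", s.Name, svc.Name, err)
	}
	return pt, nil
}

// RotationDue reads the annotations: the value is due once its age reaches RotateAfter.
func RotationDue(s *EncryptedSecret, now time.Time) bool {
	return !now.Before(s.CreatedAt.Add(s.RotateAfter))
}

// Rotate re-encrypts a fresh value for the same keychain and resets CreatedAt,
// which is what a periodic rotation job does once RotationDue reports true.
func Rotate(s *EncryptedSecret, newValue []byte, now time.Time) (*EncryptedSecret, error) {
	return Encrypt(s.Name, newValue, s.Keychain, now, s.RotateAfter)
}

func main() {
	api, _ := NewServiceKey("api")
	billing, _ := NewServiceKey("billing")
	search, _ := NewServiceKey("search")
	created := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	// Constructed sample: a database password that only api and billing may read.
	s, err := Encrypt("db/password", []byte("constructed-sample-password"),
		KeychainOf(api, billing), created, 30*24*time.Hour)
	if err != nil {
		panic(err)
	}
	for _, svc := range []*ServiceKey{api, billing, search} {
		pt, err := Decrypt(s, svc)
		fmt.Printf("%-8s value=%q err=%v\n", svc.Name, pt, err)
	}
}
```

Running main shows api and billing recovering the value while search, which has no slot on the keychain, only gets an error; a service with a slot but the wrong private key fails the OAEP check the same way. Because the keychain is stored with the secret, Rotate can re-seal a new value for exactly the same readers without the rotation job needing any private key.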
Full post here, 6 mins read