Re: How to make values in VCAP_SERVICES json private or secret or hidden

Home Messages Hashtags Subgroups

Stuart Charlton #5286 Hi Nikhil, Generally the way to prevent individuals from reading VCAP_SERVICES is to give them a non-SpaceDeveloper role in that space, like SpaceAuditor. A SpaceDeveloper is the only role that can read or set those values, and generally you'd want them to be able to manage them. So, say a developer pushed code to QA, they'd have SpaceDeveloper access to a QA space, and could read/write VCAP_SERVICES. Pushing to production you'd have a different person with SpaceDeveloper access to a Prod space. Or, more commonly, you'd prod access to a secured CI/CD tool like Jenkins or Concourse that governed SpaceDeveloper access to Prod. Cheers Stu On Wed, Jun 29, 2016 at 3:28 PM, Nikhil Katre <nikhil.katre(a)appdynamics.com> wrote: Hi, I have a service that is supported on Cloud Foundry through Java Buildpack. I am trying to make the values of my service in VCAP_SERVICES json hidden or private, so that its invisible using the command cf env. Does anyone know how to achieve this in Cloud Foundry or PCF platform ? -- Stuart Charlton Pivotal Software \| Platform Architecture Mobile: 403-671-9778 \| Email: scharlton(a)pivotal.io attachment.html
More All Messages By This Member

Join {cf-dev@lists.cloudfoundry.org to automatically receive all group messages.