- Configuration files usually contain sensitive values such as:
- passwords for database accounts or directory service accounts
- shared secrets
- passwords for key stores
Sensitive configuration values should not be shared between instances and stages. For example, the database password for the productive instance should not be available in the configuration for the test instance.
Airlock IAM supports storing sensitive configuration values in protected keystore files outside the configuration XML.