ADR-0004: Be Practically Secure
- Status: accepted
- Date: 2024-05-11
- Tags: guidelines, principles
Context and Problem Statement
Corollary: Do not be annoyingly secure.
Provide a delightful user experience while taking security seriously.
VMware Secrets Manager is a secure solution, yet still delightful to operate.
You won’t have to jump over the hoops or wake up in the middle of the night to keep it up and running.
Instead, VMware Secrets Manager will work seamlessly, as if it doesn’t exist at all.
Decision Drivers
- Certain solutions out in the wild are hard to configure operate and maintain.
- Security solutions are often seen as a hindrance to productivity.
- A security solution can help DevOps, SREs, and security engineers instead of being a burden.
Considered Options
- Be practically secure, and enable delightful user experience. Provide additional levels of security as optional features to those who need them.
- Be annoyingly secure, maintenance-heavy, and hard to operate.
Decision Outcome
Chosen option: “option 1”, because we want DevOps teams to have a life.
Positive Consequences
- Happy users.
- Secure solution.
- Less maintenance.
- More time to focus on other things.
- Ability to harden the solution when needed.
Negative Consequences
- Those who need a more secure solution may need to enable additional features.
ADRs
You can view the ADRs by browsing this following list:
- ADR-0001: Use Log4brains to manage the ADR
- ADR-0002: Use Markdown Architectural Decision Records
- ADR-0003: VSecM Will Be Scoped to Work on Kubernetes Only
- ADR-0004: Be Practically Secure
- ADR-0005: Be Resilient by Default
- ADR-0006: Be Secure by Default
- ADR-0007: Document All Public Methods
- ADR-0008: Have a Minimal and Intuitive API
- ADR-0009: Have at Least 50% Test Coverage Across the Project
- ADR-0010: Keep Non-Public Function in Separate Files from the Public Functions
- ADR-0011: Keep Things Minimal: Do One Thing Well
- ADR-0012: All Files Shall Have a SPDX License Header
- ADR-0013: Scan the Codebase for Vulnerabilities and Code Smells Regularly
- ADR-0014: Get OpenSSF Best Practices Compliance
- ADR-0015: Keep Source Code Line Length Around 80 Characters
- ADR-0016: Centralize Magic Words, Numbers, and Configuration Constants in Common Modules
- ADR-0017: VSecM OIDC Resource Server Shall Be Secure by Default“
- ADR-0018: Use Asciinema for Use Case Examples in the Documentation“
- ADR-0019: Use RESTful APIs for Communication Between Components
- ADR-0020: VSecM will not enforce expiration and invalid before time for secrets
- ADR-0021: VSecM Shall Use Environment Variables for Configuration
- ADR-0022: VSecM Shall Use the Latest Stable Dependencies