Security credential deployment in cloud environment

摘要

Techniques are described for deploying a security credential for an application deployed in a cloud. An encrypted security credential is received from a remote system and is inserted into a virtual machine image associated with the application. Upon deploying the virtual machine image as a virtual machine instance, embodiments transmit a request to a cryptex server for a decrypted security credential, the request including the encrypted security credential and a virtual machine identifier for the virtual machine instance. The cryptex server is configured to retrieve metadata associated with the virtual machine identifier and to authenticate the virtual machine instance using the retrieved metadata. Embodiments receive, from the cryptex server, the decrypted security credential for use by the application.

主权项

1. A method of deploying a security credential for an application deployed in a cloud, comprising:
receiving an encrypted security credential from a remote system; inserting, by operation of one or more computer processors, the encrypted security credential into a virtual machine image associated with the application; upon deploying the virtual machine image as a virtual machine instance, transmitting a request to a cryptex server for a decrypted security credential, the request including the encrypted security credential and a virtual machine instance identifier for the deployed virtual machine image, wherein the cryptex server is configured to retrieve metadata associated with the virtual machine identifier and to authenticate and authorize the virtual machine instance using the retrieved metadata; and receiving, from the cryptex server, the decrypted security credential for use by the application.