This repository was archived by the owner on Jun 5, 2023. It is now read-only.
Regarding management of senstive information in td-agent.conf file #272
Description
Our requirement is to have all the files which contain sensitive information encrypted. As td-agent.conf file contains sensitive credential information as plain text we have to encrypt this file as well.
We are following the below approach:
- Start service
- Check if process started running
- Encrypt the config file.
However, with this approach there is an issue as when a worker goes down and starts again as part of supervisor, it tries to read the conf file again but since file is encrypted it is failing to come up.
This complexity increases with multiple workers since all workers start independently in parallel and we do not know when to encrypt and decrypt.
Please share any solution to achieve this.
Thanks in advance.