Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/paketo-buildpacks/encrypt-at-rest

A Cloud Native Buildpack that AES encrypts an application layer and then decrypts it at launch time
https://github.com/paketo-buildpacks/encrypt-at-rest

all-applications cnb encrypt-at-rest utilities

Last synced: 2 months ago
JSON representation

A Cloud Native Buildpack that AES encrypts an application layer and then decrypts it at launch time

Awesome Lists containing this project

README 

        
# Paketo Buildpack for Encrypt at Rest



## Buildpack ID: `paketo-buildpacks/encrypt-at-rest`

## Registry URLs: `docker.io/paketobuildpacks/encrypt-at-rest`



The Paketo Buildpack for Encrypt At Rest is a Cloud Native Buildpack that AES encrypts an application layer and then decrypts it at launch time.



## Behavior

This buildpack will participate any of the following conditions are met



* `$BP_EAR_KEY` is set to a hex-encoded AES key



The buildpack will do the following:



* AES encrypts the contents of `` using Cipher Feedback (CFB) mode and a randomly generated initial vector

* Removes the source code in ``

* Contributes a `profile.d` script the decrypts the application before launching



## Configuration

| Environment Variable | Description                                  |

|----------------------|----------------------------------------------|

| `$BP_EAR_KEY`        | Configure the AES key to use at build time.  |

| `$BPL_EAR_KEY`       | Configure the AES key to use at launch time. |



## License

This buildpack is released under version 2.0 of the [Apache License][a].



[a]: http://www.apache.org/licenses/LICENSE-2.0