As an EHDS2 node, I would like to be able to externalise passwords of technical accounts in a secure vault when deploying the national connector
Currently passwords of technical accounts are stored in files mounted to the docker images. Those files are not encrypted. To improve security the application should be compatible with state of the art solution to store secrets of a micro services applications (K8S secrets, CSP managed KeyVaults, ...)
Technical design to be defined.
Implement a more secure approach for handling passwords by transitioning to the use of encrypted files. https://www.passwordstore.org/