Secure configuration
Services usually require some form of configuration. A service configuration stores all of the information that could potentially vary depending on the environment the service is deployed in. For example, when running a service locally on a developer's workstation, the service should probably connect to a database that is also running locally. In production, however, the service should connect to the production database. Common data stored in configuration includes the location of and credentials to data stores, access tokens, or other credentials for third-party services and operational information, such as where to send metrics or what values to use when initializing connection pools or configuring timeouts for network connections.
It's important to store configuration separately from code. When you make a configuration change, you should not have to commit a change to a source code repository, create a new build, and run a separate deploy. Ideally, there should be...