Securing your data in Code Engine

How your data is stored and encrypted in Code Engine

While Code Engine does not store personal or sensitive data, when running Code Engine, the data that is stored by Code Engine includes references to container images where you run the images as Code Engine applications or batch jobs. Code Engine does not store the container image data. Instead, it uses the pointer that you provide to where your container image repository is located, which might be a public repository like Docker Hub or a private IBM Container Registry. Therefore, encryption of your data in your container images is implemented and managed as part of your container image repository.

Some data, like Docker Hub credentials, batch job templates and IBM container registry API key are stored as part of your namespace in Code Engine, within an underlying Kubernetes secret map (within your Kubernetes etcd data). For more information, see Securing information in Kubernetes.

Deleting your data in Code Engine

Data in images is deleted within your container image repository.

To delete data that is stored within Code Engine, such as Docker Hub credentials, batch job templates, or an IBM container registry API key, delete your Code Engine project.

When you delete a project from the console or with the CLI, it is soft deleted and can be restored. You must restore your project within 7 days or it is permanently deleted. For more information about restoring projects, see Restoring deleted projects. To permanently delete a project, see Permanently deleting projects.

When you delete a project, any projects that are not permanently deleted count toward the maximum of 20 total projects per region that are allowed.

By using the --force option with the project delete command, the delete is forced without confirmation.

ibmcloud ce project delete --name myproject --force

Example output

Deleting project `myproject`
OK