I'm not sure how secure are environment settings in Azure Batch. Do I need to use certificates?
I am running tasks in Azure Batch, currently passing storage token with EnvironmentSetting. I cannot find any details in documentation on how secure is that. After reading security with certificates I feel like this is the way to go ("You typically need to use certificates when you encrypt or decrypt sensitive information for tasks, like the key for an Azure Storage account."), yet I'm not 100% convinced.
So, are environment settings secure or not?
If you just talk about the secure itself, it's a too broad question. In addition, you have many ways to add its security.
First, the environment variables are visible only in the context of the task user, the user account on the node under which a task is executed. And you cannot see them if you connect remotely. It's a secure setting. Then you can set the certificate as you provide, it's also a secure setting. They are the settings of Azure Batch itself.
For more, you can also control the permission to access your batch account. It's also a secure setting. So relatively speaking, it's secure. Hope my opinion will help you understand the security of the batch environment variables.