Default Actuator Configuration Exposes Sensitive Data
The current default configuration of the federated catalogue exposes all of the Spring Boot Actuator endpoints. As recently seen with the data breach at Volkswagen, these endpoints expose the entire application configuration, which in the case of the federated catalogue includes the secrets for Postgres, Neo4j and Keycloak:
The default configuration should be adjusted to only expose the endpoints that are needed to operate the catalogue. From my understanding, "health" should be sufficient, but I have no visibility if other endpoints are relevant.
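For illustration, here is an `application.yml` fragment, added to this report and not taken from the federated catalogue's own configuration, that contrasts the wide-open exposure setting with a restricted one. The property names are the standard Spring Boot Actuator keys (`management.endpoints.web.exposure.include`, `management.endpoint.health.show-details`); the assumption is that the catalogue reads its settings from a standard Spring Boot `application.yml` and that `health` is the only endpoint its operators need.

```yaml
# --- Weak setting (what the report describes): every actuator endpoint is
# reachable over HTTP, including /actuator/env, which prints the resolved
# configuration and therefore the datastore and Keycloak credentials.
management:
  endpoints:
    web:
      exposure:
        include: "*"

---
# --- Corrected setting: only the liveness/readiness endpoint is exposed.
# Anything not listed in "include" is not registered as a web endpoint at all,
# so /actuator/env, /actuator/configprops, /actuator/heapdump etc. return 404.
management:
  endpoints:
    web:
      exposure:
        include: "health"
  endpoint:
    health:
      # Keep component details (database, disk, ...) off the unauthenticated
      # response; "never" is the conservative choice for an internet-facing
      # service. Use "when-authorized" if operators need the breakdown.
      show-details: never
```

After deploying the restricted setting, a quick check is to request `/actuator` and confirm the `_links` list contains only `self` and `health`; any additional endpoint that operators later turn out to need should be added to the `include` list explicitly, one name at a time, rather than reverting to `"*"`.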