Skip to content

ProQuo-AI/aws-secrets-reader

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.github/workflows
.github/workflows
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
local_builds.sh
local_builds.sh
 
 
main.go
main.go
 
 
main_test.go
main_test.go
 
 

Repository files navigation

aws-secrets-reader

This application is created to be used with Launch.

Currently it is able to collect secrets from AWS Secrets Manager and then do some post processing.

Help Menu

The help menu should get you going for most of the questions of how to use this. -h

Collects secrets from AWS Secrets manager.
version: development
  -aws-profile string
        AWS Profile to use. Blank by default and omitted.
  -h    Help menu.
  -prepend-with string
        Prepend the returned keys with given string. Upper casing happens after this is applied.
  -region string
        AWS region to use. eu-west-1 by default. (default "eu-west-1")
  -secret string
        The key to use when collecting the secret.
  -upper-case
        Attempt to uppercase all the returned keys
  -v    Shows the version.

Post Processing

Prepend to keys

Prepend a string at the beginning of all collected secret keys. This is useful if you are looking to collect many keys and they have similar names. Or if you are looking to add a prefix to the keys to have them automatically ingested.

Example

# -prepend-with potatoes_
# this
{"badger":"mushroom"}
# becomes
{"potatoes_badger":"mushroom"}

# remember to add separators like _ or - as they are not automagically added.

UPPER CASE keys

Most environment variables are in upper case. However they are not stored in upper case in the secret manager. Therefore we need a way to quickly uppercase them.

Upper case happens AFTER the prepend action or any other post process

Example

# -upper-case
# this
{"badger":"mushroom"}
# becomes
{"BADGER":"mushroom"}

Upper and prepend together 😱

You can use both the post processors currently available. Just remember that UPPER CASE is always last.

# -prepend-with potatoes_
# -upper-case
# this
{"badger":"mushroom"}
# becomes
{"POTATOES_BADGER":"mushroom"}

Formatting

Secrets can be ingested in a number of ways. So it stands to reason that the secrets reader can output the secrets in a number of formats. Currently there are the following formats available.

  • json
  • yaml
  • env
  • shell_export

shell_export is the only one that requires some explaining. Basically you get the same as env format but with export written out at the beginning of each line. This allows you to use the eval command to collect exports and bring them into your current shell.

eval $(secrets-reader -aws-profile prod -region eu-west-1 -secret super-shhh-secret -format shell_export)

About

Read secrets from AWS Secrets Managers

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Go 91.7%
  • Shell 8.3%