Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

An AWS Secrets Manager Provider for Hush

License

NotificationsYou must be signed in to change notification settings

gordalina/hush_aws_secrets_manager

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build StatusCoverage Statushex.pm versionhex.pm downloads

This package provides aHush Provider to resolve Amazon Web Services'sSecrets Manager secrets.

Documentation can be found athttps://hexdocs.pm/hush_aws_secrets_manager.

Installation

The package can be installed by addinghush_aws_secrets_manager to your listof dependencies inmix.exs:

defdepsdo[{:hush,"~> 1.0"},{:hush_aws_secrets_manager,"~> 1.1"}]end

This module relies onex_aws to talk to the AWS API. As such you need to configure it, below is an example, but you can read alternative ways of configuring it intheir documentation.

As the provider needs to startex_aws application, it needs to registered as a provider inhush, so that it gets loaded during startup.

# config/config.exsaliasHush.Provider.AwsSecretsManagerconfig:ex_aws,access_key_id:[{:system,"AWS_ACCESS_KEY_ID"}],secret_access_key:[{:system,"AWS_SECRET_ACCESS_KEY"}]# ensure hush loads AwsSecretsManager during startupconfig:hush,providers:[AwsSecretsManager]

AWS Authorization

In order to retrieve secrets from AWS, ensure the service account you use has a similar policy as:

{"Version":"2012-10-17","Statement": [    {"Effect":"Allow","Action":"secretsmanager:GetSecretValue","Resource": ["arn:aws:secretsmanager:<region>:<account>:secret:<secret-name>","arn:aws:secretsmanager:us-east-1:000000000000:secret:config/password-MzBAO2"      ]    }  ]}

Usage

The following example reads the password and the pool size for CloudSQL from secret manager into the ecto repo configuration.

# config/prod.exsaliasHush.Provider.AwsSecretsManagerconfig:app,App.Repo,password:{:hush,AwsSecretsManager,"CLOUDSQL_PASSWORD"},pool_size:{:hush,AwsSecretsManager,"ECTO_POOL_SIZE",cast::integer,default:10}

License

Hush is released under the Apache License 2.0 - see theLICENSE file.

About

An AWS Secrets Manager Provider for Hush

Topics

Resources

License

Stars

Watchers

Forks

Sponsor this project

 

Contributors2

  •  
  •  

Languages

[8]ページ先頭
©2009-2025 Movatter.jp