npm
Sign UpSign In

sops-secretsmanager-cdk-test
TypeScript icon, indicating that this package has built-in type declarations

0.0.1 • Public • Published

sops-secretsmanager-cdk

Safely load secrets from sops into secretsmanager using the CDK

Usage

import { SopsSecretsManager } from 'sops-secretsmanager-cdk';
...
new SopsSecretsManager(this, 'StoreSecrets', {
    path: './path/to/secretsfile.yaml',
    kmsKey: myKey,  // or use kms.Key.fromKeyArn
    secretName: 'TestSecret',  // or secret: mySecret
    mappings: {
        nameInSecretsManager: {
            path: ['path', 'to', 'value', 'in', 'secretsfile'],
            // optionally pass encoding: 'json' to pass a portion of the secrets file
        },
        anotherThingInSecretsManager: {
            path: ['other', 'path'],
        },
        // etc
    },
});

Implementation

Using the CDK's custom resource mini-framework, the sops secrets file is uploaded to S3 as an asset as is, still encoded. The custom resource Lambda then decodes the secrets (in memory, never on disk) and puts them into the SecretsManager secret.

Readme

Keywords

none

Package Sidebar

Install

npm i sops-secretsmanager-cdk-test

Weekly Downloads

0

Version

0.0.1

License

none

Unpacked Size

29.4 MB

Total Files

6

Last publish

Collaborators

  • plumdog
Try on RunKit
Report malware