sops-secretsmanager-cdk
Safely load secrets from sops into secretsmanager using the CDK
Usage
;...new SopsSecretsManagerthis, 'StoreSecrets', ;
Implementation
Using the CDK's custom resource mini-framework, the sops secrets file is uploaded to S3 as an asset as is, still encoded. The custom resource Lambda then decodes the secrets (in memory, never on disk) and puts them into the SecretsManager secret.