chamber
aws-secret-sidecar-injector
chamber | aws-secret-sidecar-injector | |
---|---|---|
12 | 2 | |
2,403 | 132 | |
0.5% | - | |
7.5 | 3.1 | |
4 days ago | over 1 year ago | |
Go | Go | |
MIT License | MIT No Attribution |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
chamber
-
ssmsh VS chamber - a user suggested alternative
2 projects | 9 Nov 2023
Chamber takes an opinionated view on AWS Parameter store as compared to ssmsh
-
Ask HN: Secure and simple way for secret/credential management in a startup?
Building on this I’ve found https://github.com/segmentio/chamber to be super useful
-
I need some feedback on the README for my Django Base Site
For secrets, the PaaS platform (Github Actions, Fly.io, etc.) I usually use has a method that works with environment variables. If I need something custom on AWS, then I use Chamber backed by AWS KMS.
- Can't believe Next.js founder said my open source project is 'fantastic'
-
How can you add secrets to a dockerfile/image from AWS (Secret Manager)
We use Chamber (https://github.com/segmentio/chamber) to do this for us. Bring it into your image and use the environment variables as necessary. Some applications support using environment variables natively, you might need to add a script to write them into your config files.
-
Interfacing w/ AWS Parameter Store via REST API
You can take a look at some code I wrote a while back to do this if you want examples https://github.com/segmentio/chamber/blob/master/store/ssmstore.go .
-
How do you share and sync .env files for your team
We use AWS Parameter Store and segmentio/chamber.
-
Not sure if DevOps, but a few questions.
https://github.com/segmentio/chamber is nice with parameter store, ive used it in the past.
-
Exporting Parameter Store values to /etc/environment in a deployed EC2 instance from CloudFormation
Use Chamber.
-
Configuration of software baked into AMI
For interacting with SSM, I would recommend using https://github.com/segmentio/chamber. You could add something to your user-data script that uses chamber to load a config file (chamber export is one way to do it) from SSM on startup. You could also use Systems Manager to enable you to do a "hot reload" of sorts by sending a command to your server to run the chamber command and restart your application.
aws-secret-sidecar-injector
- How can you add secrets to a dockerfile/image from AWS (Secret Manager)
-
EKS pods using IRSA (IAM auth per pod) to access AWS Secrets WITHOUT creating K8s secret?
There is a PoC of an AWS sidecar injector that imports a secret into a ramdisk as an init step and injects the secrets into the pod when launched, but it's clearly a PoC, and only supports a single secret, not to mention not being enterprise ready.
What are some alternatives?
sops - Simple and flexible tool for managing secrets
git2consul - Mirrors the contents of a git repository into Consul KVs.
hiera-eyaml-vault - A hiera-eyaml encryption plugin for Vault's transit engine
aws-sdk-go-v2 - AWS SDK for the Go programming language.
petems-hiera_vault - A hiera backend for access to secrets being stored in HashiCorp Vault
credstash - A little utility for managing credentials in the cloud
django-base-site - The Django Base Site is a Django site that is built using the best Django practices and comes with all the common Django packages that you need to jumpstart your next project.
gonsul - A stand-alone alternative to git2consul
cfn-secret-provider - A CloudFormation custom resource provider for deploying secrets and keys
compose-cli - Easily run your Compose application to the cloud with compose-cli
infisical - ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.