Skip to content

Command-line tool for generating environment variables from AWS Secrets

License

Notifications You must be signed in to change notification settings

eguven/secrets2env

Repository files navigation

Build Status

secret2env

Command-line tool for generating sourcable environment variables from secrets in AWS Secrets Manager using a YAML definition.

Installation

$ pip install secrets2env

Environment Definition

Below is an example environment definition. The values for environment variables will be generated using .format() and keyword arguments.

- secret: aws/secret-name
  name: ENV_SECRET
  value: "{key1-in-secret}"
- secret: production/postgresql
  name: PSQL_URI
  value: "postgresql://{username}:{password}@postgresql:5432/{dbname}"

Usage

Path to a definition like the one can be provided as argument, otherwise it defaults to ./aws-secrets.yml. Running secrets2env will print a sourceable environment to STDOUT which can be evald or redirected to an environment file.

# with path to definition file
$ secrets2env --definition path/to/definition.yml
# or using the default path (./aws-secrets.yml) with the definition above
$ secrets2env

It will result in the following output

# Autogenerated by <path/to/installed/secrets2env.py>
export ENV_SECRET='some-secret'
export PSQL_URI='postgresql://pg-user:pg-pw@postgresql:5432/pgdb'
# you can eval directly
eval "`secrets2env`"
# or redirect to file
echo -e "\n`secrets2env`" >> env.sh

Limitations / TODOs

  • currently only supports SecretString
  • currently only supports OsX and Linux
  • no automated tests

About

Command-line tool for generating environment variables from AWS Secrets

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages