-
Notifications
You must be signed in to change notification settings - Fork 899
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using adminAssumeRole in KMS: encryption works fine; decryption gives No keys found in file
#804
Comments
No keys found in file
No keys found in file
I figured out the problem was with my
|
No keys found in file
No keys found in file
Can you reliably reproduce this? Getting a file in which there's no actual encryption key stored is definitely a bug. I've never seen that happen. BTW, you probably want a path_regex in your creation rule. |
I will go through my steps above with the config stated and see if I can reproduce this. I'll let you know. |
the documentation for .sops.yaml is pretty bad. Use of the |
The previously cross-reference issues show, that this issue frequently happens when the Another example:
creation_rules:
- wwwww:
|
This is almost probably my fault with respect to how KMS is setup, but the problem I am reporting deals more with the fact that if SOPS can encrypt something (using KMS) then it doesn't make sense that no keys exist for decryption.
My setup:
Trying to find solid and thorough documentation on
.sops.yaml
is challenging. The README has good stuff, but it's not thorough. Here's my.sops.yaml
:Using a test yaml file:
Here's my encryption output:
I don't see how it's possible to have successfully encrypted something using a symmetrical key from AWS and not have the key listed in the
kms
list.The text was updated successfully, but these errors were encountered: