CDK Construct for secrets

CDK Secrets

WORK IN PROGRESS

While this is generally working, it is not ready for production.

AWS CDK construct to manage secrets. It makes use of a custom resource provider from binxio/cfn-secret-provider.

This package is written in TypeScript and made available via JSII to all other supported languages. Packages are available on:

The secret provider can create RSA keys, DSA keys, EC2 key-pairs, IAM user passwords and access keys, and, more generally, secrets stored in parameter store or secret store.

All this functionality is provided by the binxio/cfn-secret-provider custom resource.

Examples

There is an example application in ./example showing how to create a new EC2 key pair.

When it comes to security, you should not trust anyone. By default, the secret provider uses the Lambda function stored at s3://binxio-public-${AWS_REGION}/lambdas/cfn-secret-provider-1.0.0.zip. You might want to download this file, review its contents, and store it in your own bucket or alongside your code. You can then create the Lambda function from that zip file instead, like so:

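# Example automatically generated. See https://github.com/aws/jsii/issues/826
import os
from aws_cdk import aws_lambda as lambda_  # "lambda" is a reserved word in Python
import cdk_secrets as secret  # module name assumed from the package name

zip_path = os.path.join(os.path.dirname(__file__), "../cfn-secret-provider-1.0.0.zip")
code = lambda_.Code.from_asset(zip_path)

secret_provider = secret.Provider(self, "SecretProvider",
    code=code
)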
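
Reviewing the zip once only helps if the build notices when the file later changes. The following is an added example, not code from cdk-secrets or cfn-secret-provider: it pins the SHA-256 you record at review time and lists the archive members for review. The function names and the sample archive are hypothetical; the page publishes no digest, so the pinned value is one you compute yourself.

```python
import hashlib
import hmac
import zipfile


def sha256_file(path, chunk_size=65536):
    """Hash the file in chunks so large archives are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def review_listing(path):
    """Return sorted (name, size) pairs to diff against the listing from the last review."""
    with zipfile.ZipFile(path) as zf:
        bad = zf.testzip()  # name of the first member with a bad CRC, or None
        if bad is not None:
            raise ValueError(f"corrupt member in archive: {bad}")
        return sorted((info.filename, info.file_size) for info in zf.infolist())


def verify_pinned_zip(path, pinned_sha256):
    """Return path unchanged, or raise if the file no longer matches the pinned digest."""
    actual = sha256_file(path)
    if not hmac.compare_digest(actual, pinned_sha256.lower()):
        raise ValueError(f"{path}: sha256 {actual} does not match the pinned digest")
    return path


if __name__ == "__main__":
    import os
    import tempfile

    # Constructed stand-in for the reviewed provider zip (not the real artifact).
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "provider.zip")
        with zipfile.ZipFile(sample, "w") as zf:
            zf.writestr("handler.py", "def handler(event, context): pass\n")
        pinned = sha256_file(sample)  # recorded once, at review time
        print(review_listing(sample))
        print(verify_pinned_zip(sample, pinned))
```

Passing the return value of `verify_pinned_zip(...)` to `Code.from_asset(...)` makes synthesis fail if the vendored zip differs from the copy that was reviewed.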

Download files

Source Distribution

cdk-secrets-0.4.3.tar.gz (95.8 kB)
