Skip to main content

Convection Secrets Store Plugin for Password Generation and Storage

Project description

Convection Plugin - Secrets - PassDB

Password Generator and Storage

Physical Storage

If the Secret Store Name contains slashes, it is assumed as a path, and placed as $STORAGE_ROOT/$STORE_NAME (ex: (/data)/(my/secret/store)). If it does not contain slashes, it is stored at $STORAGE_ROOT/secrets/$STORE_NAME (ex (/data)/(my.secret.store))

Data is stored all in a single file.

Data Format

{
    "metadata": { <plugin metadata> },
    "config": { <configuration data> },
    "store": { <passdb in k:v form>},
    "stats": {
        "reads": <number of reads performed since creation>,
        "writes": <number of writes performed since creation>
    }
}

Note that the Stats data for Reads may not be accurately represented if a number reads happen, but a write does not occur before the Convection Secrets Manager is shutdown/restarted. These stats are held in memory until a write occurs, and so the stat for reads since the last write would be lost on stop/restart. Write stat should always be accurate. The Read stat will be accurate for the duration of the service running (assuming no writes), however.

Secret Store Args

These arguments are required when a new PassDB Store is created.

{
  "default": {
    "length": <default password length>,
    "letters": <default password letters>
  }
}

During creation you should pass --store-arg '{ "default": { ... } }' to configure these values

Secrets Args

Create/Modify

  • secret_name: Name of Entry to Create/Modify
  • secret_value: [OPTIONAL] Password. If empty, a password will be generated.
  • length: [OPTIONAL] Password Length. If empty, 20.
  • value_type: [OPTIONAL] Password Value Type. If empty, printable.

Get/Destroy

  • secret_name: Name of Secret to View/Destroy

Password Value Types

This is a selection of which characters will be available in the password that is generated. This parameter is based on entries from the string class. Its value may be one of:

  • printable: Any printable character
  • ascii_letters: Upper and Lowercase ASCII characters
  • digits: Numbers only

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

convection-plugin-secrets-passdb-1.0.0.tar.gz (57.7 kB view hashes)

Uploaded Source

Built Distribution

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page