secrets2env 0.1.4

Command-line tool for generating environment variables from AWS Secrets

secret2env

Command-line tool for generating sourcable environment variables from secrets in AWS Secrets Manager using a YAML definition.

Installation

$ pip install secrets2env

Environment Definition

Below is an example environment definition. The values for environment variables will be generated using .format() and keyword arguments.

- secret: aws/secret-name
  name: ENV_SECRET
  value: "{key1-in-secret}"
- secret: production/postgresql
  name: PSQL_URI
  value: "postgresql://{username}:{password}@postgresql:5432/{dbname}"

Usage

Path to a definition like the one can be provided as argument, otherwise it defaults to ./aws-secrets.yml. Running secrets2env will print a sourceable environment to STDOUT which can be evald or redirected to an environment file.

# with path to definition file
$ secrets2env --definition path/to/definition.yml
# or using the default path (./aws-secrets.yml) with the definition above
$ secrets2env

It will result in the following output

# Autogenerated by <path/to/installed/secrets2env.py>
export ENV_SECRET='some-secret'
export PSQL_URI='postgresql://pg-user:pg-pw@postgresql:5432/pgdb'

# you can eval directly
eval "`secrets2env`"
# or redirect to file
echo -e "\n`secrets2env`" >> env.sh

Limitations / TODOs

• currently only supports SecretString
• currently only supports OsX and Linux
• no automated tests