diff options
author | Marc A. Paradise <marc.paradise@gmail.com> | 2021-07-07 17:42:05 -0400 |
---|---|---|
committer | Tim Smith <tsmith@chef.io> | 2021-07-14 08:07:35 -0700 |
commit | 60e6849aa65aece9ff896a765a92095337298d36 (patch) | |
tree | 6d61db57f3dc93512c2906eed327ff4c66a9c74b /chef.gemspec | |
parent | 9ebf86abc20aac7196e9628bd90b3256024cda10 (diff) | |
download | chef-60e6849aa65aece9ff896a765a92095337298d36.tar.gz |
Experimental support for an AWS Secrets Fetcher
In a recipe, usage will look like the following:
value = secret(name: "test1", service: :aws_secrets_manager, config: { region: "us-west-1" })
log "My secret is #{value.secret_string}"
Note the use of `secret_string` to determine the secret value. The
returned object here is Aws::Types::GetSecretValueResponse from the AWS SDK.
This beta implementation supports ec2/imds instance profile
authentication but also checks standard locations for credentials
configuration -- see documentation [1] for a description of default credentials search behavior.
[1] https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/SecretsManager/Client.html#initialize-instance_method
Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
Diffstat (limited to 'chef.gemspec')
-rw-r--r-- | chef.gemspec | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/chef.gemspec b/chef.gemspec index 76f562cc71..0f278fff8f 100644 --- a/chef.gemspec +++ b/chef.gemspec @@ -55,6 +55,7 @@ Gem::Specification.new do |s| s.add_dependency "proxifier", "~> 1.0" + s.add_dependency "aws-sdk-secretsmanager", "~> 1.46" s.bindir = "bin" s.executables = %w{ } |