New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use a AWS Secret Manager for DB credentials #126
Comments
/bounty 150 |
💎 $150 bounty created by scratchdata 👉 Add a bounty • Share on socials
|
@poundifdef can I be assigned? |
/attempt #126
|
/attempt #126 I'll be using a combination of AI agents and my own knowledge with AWS systems. Should be done today. Options |
A doubt here.
|
Good question. This new interface should just return a string. Then the code can decode that into a golang struct as needed. The |
💡 @mehulmathur16 submitted a pull request that claims the bounty. You can visit your bounty board to reward. |
🎉🎈 @mehulmathur16 has been awarded $150! 🎈🎊 |
Today, the
pkg/storage/database
package is responsible for fetching the credentials for a database. That interface contains a function called GetDestinationCredentials().We want to refactor the code to use a separate package for managing secrets.
Step 1: Create
pkg/storage/vault
packageThis will follow the same pattern as the
pkg/storage/blobstore
package, where different storage types can be configured.vault
package should have an interface which has two functions:GetCredential(name string) string
andSetCredential(name, value string)
memory
which just returns credentials fromconfig.Destination
in YAML. The implementation should basically be identical to the existing functionality here.vault
which has the same format as thedatabase
section (type and settings.)Step 2: Refactor code to use the new
vault
package instead ofdatabase
GetDestinationCredentials()
to use our new vault insteadStep 3: AWS Secrets Manager
Create a new implementation of the Vault interface which uses AWS Secrets manager
vault
for AWS.prefix
. When keys are created or retrieved, we should add this prefix.The text was updated successfully, but these errors were encountered: