GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects â†’ say8425 â†’ aws-secrets-manager-actions

say8425 / aws-secrets-manager-actions

Licence: MIT license
🔒 GitHub Action for AWS Secrets Manager

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

awsgithub-actionaws-secretsmanager

Projects that are alternatives of or similar to aws-secrets-manager-actions

clang-format-action
GitHub Action for clang-format checking
Stars: ✭ 48 (-9.43%)
Mutual labels:  github-action
github-action-wpe-site-deploy
A GitHub Action to deploy code directly to WP Engine.
Stars: ✭ 116 (+118.87%)
Mutual labels:  github-action
action-netlify-deploy
🙌 Netlify deployments via GitHub actions
Stars: ✭ 32 (-39.62%)
Mutual labels:  github-action
action-github-workflow-sync
Github Action To Sync Github Action's Workflow Files Across Repositories
Stars: ✭ 51 (-3.77%)
Mutual labels:  github-action
setup-bats
GitHub Action to setup BATS testing framework
Stars: ✭ 25 (-52.83%)
Mutual labels:  github-action
mpv-winbuild
Use Github Action to build mpv for Windows with latest commit.
Stars: ✭ 78 (+47.17%)
Mutual labels:  github-action
action-dynamic-readme
~ Dynamic ReadME Generator ~
Stars: ✭ 29 (-45.28%)
Mutual labels:  github-action
codeowners-validator
The GitHub CODEOWNERS file validator
Stars: ✭ 142 (+167.92%)
Mutual labels:  github-action
slsa-provenance-action
Github Action implementation of SLSA Provenance Generation
Stars: ✭ 34 (-35.85%)
Mutual labels:  github-action
ticket-check-action
Verify that pull request titles start with a ticket ID
Stars: ✭ 29 (-45.28%)
Mutual labels:  github-action
recent-activity
Add your recent activity to your profile readme!
Stars: ✭ 87 (+64.15%)
Mutual labels:  github-action
migu-sign
å’Ē咕įˆąįœ‹į­žåˆ°čŽˇæĩé‡č¯č´šīŧŒé€ščŋ‡ github action æĨ厞įŽ°č‡Ē动į­žåˆ°ã€‚
Stars: ✭ 20 (-62.26%)
Mutual labels:  github-action
find-comment
A GitHub action to find an issue or pull request comment
Stars: ✭ 81 (+52.83%)
Mutual labels:  github-action
restrict-cursing-action
Github Action to prevent cursing and bad language in issues and pull requests
Stars: ✭ 20 (-62.26%)
Mutual labels:  github-action
org-audit-action
GitHub Action that provides an Organization Membership Audit
Stars: ✭ 34 (-35.85%)
Mutual labels:  github-action
tectonic-action
Compile Tex files easily
Stars: ✭ 77 (+45.28%)
Mutual labels:  github-action
aws-assume-role
GitHub action to assume subsequent AWS roles
Stars: ✭ 22 (-58.49%)
Mutual labels:  github-action
composer-normalize-action
+ đŸŽĩ Provides a GitHub action for running ergebnis/composer-normalize.
Stars: ✭ 25 (-52.83%)
Mutual labels:  github-action
setup-jdk
(DEPRECATED) Set up your GitHub Actions workflow with a specific version of AdoptOpenJDK
Stars: ✭ 32 (-39.62%)
Mutual labels:  github-action
changed-files
Github action to retrieve all (added, copied, modified, deleted, renamed, type changed, unmerged, unknown) files and directories.
Stars: ✭ 733 (+1283.02%)
Mutual labels:  github-action
View All Similar Projects ➔

AWS Secrets Manager Actions

npm version GitHub Actions Test GitHub Actions Publish GitHub license

This GitHub Action lets you export secrets stored in AWS Secrets Manager to environment values in your GitHub runner.

Usage

Add the AWS IAM keys and the secret name that you want to use from your AWS Secrets Manager secrets list to your GitHub repo secrets. Then, in the GitHub actions yaml, add the following step.

  1. Using github openid-connect (Recommented)
steps:
 - name: Store ENV from AWS SecretManager
   uses: say8425/aws-secrets-manager-actions@v2
   with:
     AWS_DEFAULT_REGION: "YOUR-AWS-REGION"
     SECRET_NAME: ${{ env.SECRET_NAME }}
     OUTPUT_PATH: '.env' # optional
  1. Using github secrets
steps:
 - name: Export ENV from AWS SecretManager
   uses: say8425/aws-secrets-manager-actions@v2
   with:
     AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
     AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
     AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
     SECRET_NAME: ${{ secrets.SECRET_NAME }}
     OUTPUT_PATH: '.env' # optional

AWS IAM

You need an AWS IAM user that has policies to access/read the AWS Secrets Manager secret. Add this IAM user's access id/keys as AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and region as AWS_DEFAULT_REGION in your repo's GitHub Secrets.

Policy

An example policy to provide the permissions to the user is given below:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "secretsmanager:GetSecretValue",
            "Resource": "*"
        }
    ]
}

We recommend being more specific with the Resource in the policy by adding the secret ARN.

Get more information at AWS User Guide.

Secret Name

This is the secret name that you want to read the secrets from. Only one secret name is supported.

Environment Values

Your secrets will be exported as environment values into the github runner. These environment values are masked with *** in logs in the GitHub Actions for security purposes.

Raw string values

Most of the secrets can be parsed. However, in some case, parsing of secrets can fail. An example case is an invalid json. In such cases, the unparsed raw sting is stored in asm_secret env key.

Export environment variables to file

The environment variables can also be exported to a file with OUTPUT_PATH input parameter. When OUTPUT_PATH is defined, the GitHub action writes the environment variables to the specified filename.

Contributing

Your contributions are always welcome! Feel free to check issues or Pull Requests

License

This project is MIT licensed.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].