serverless-crypt
serverless-crypt copied to clipboard
marcy-terui
Securing the secrets on Serverless Framework by AWS KMS encryption
I'm using this to allow secrets in the repository which get automatically decrypted when running serverless. In my case this is the password for a rds db instance. Usage: ```yaml...
HI, In defualt values are encrypted and saved in .serverless-secret.json file, is there any way we can have the files like [.serverless-secret_dev.json, .serverless-secret_prod.json, .serverless-secret_Stage.json ] to save the encrypeted values...
In both decrypt.js and encrypt.js, the secret text is sent to the logger facility. Is this really necessary? It seems to reduce the security of the secrets - let the...
When attempting to decrypt I get the error in the title ``` const slscrypt = require('slscrypt'); slscrypt.get($SECRET_NAME); ```
``` Expected params.Plaintext to be a string, Buffer, Stream, Blob, or typed array object ``` If I have a secret that is "123.455" I receive the above error message if...
For example, if the unencrypted password is 'Testpas$word', the returned value is 'Testpas'.
When i include this plugin in my serverless.yml file, I get the following error. Cannot find module 'serverless/lib/plugins/aws/lib/validate'
It would be great if we could write secrets as well as retrieve them
It looks like this only supports secrets in a single AWS region. Any robust aws setup uses multiple regions. I think it looks relatively straightforward to add this and it...
This error happens when I attempt to encrypt. The alias for my KMS is PhotoboothConn ``` service: userApi provider: ... plugins: - serverless-crypt custom: - cryptKeyId: ${env:PhotoboothConn} functions: ... ```...
Metadata
Owner
Metadata
Securing the secrets on Serverless Framework by AWS KMS encryption