tapp / laravel-aws-secrets-manager
Use AWS Secrets manager to load environment variables for configuration.
Installs: 108 569
Dependents: 0
Suggesters: 0
Security: 0
Stars: 31
Watchers: 10
Forks: 16
Open Issues: 1
Requires
- php: ^7.1 || ^7.3 || ^7.4 || ^8.0 || ^8.1
- aws/aws-sdk-php: ^3.145 || ^3.219 || ^3.263
- illuminate/support: ^6.0 || ^7.0 || ^8.0 || ^9.8 || ^10.6
Requires (Dev)
- orchestra/testbench: ^3.8 || ^5.0 || ^6.0 || ^7.4 || ^8.2
- phpunit/phpunit: ^7.0||^8.4||^9.3.3
This package is auto-updated.
Last update: 2024-04-19 17:49:52 UTC
README
Manage environment secrets using AWS Secrets Manager.
Installation
You can install the package via composer:
composer require tapp/laravel-aws-secrets-manager
Publish Config:
php artisan vendor:publish --provider="Tapp\LaravelAwsSecretsManager\LaravelAwsSecretsManagerServiceProvider"
Usage
This package will try and load in secrets from AWS Secrets manager in any environment that is in the enabled-environments config array. It is recommended that caching is enabled to reduce round trips to AWS Secrets Manager.
Available env values:
AWS_DEFAULT_REGION AWS_SECRETS_TAG_NAME=stage AWS_SECRETS_TAG_VALUE=production
AWS_SECRETS_TAG_NAME and AWS_SECRETS_TAG_VALUE are used to pull down all the secrets that match the tag key/value.
Setting up AWS Secrets
- Store New Secret.
- Select type of secret, one of AWS managed or other.
- Enter Key/Value, the KEY should match a env variable.
- Give it a secret name and description
- Add a tag key/value (stage => production) is an example if you want to pull down all production secrets.
Cache the config
php artisan config:cache
AWS Credentials
Since this package utilizes the PHP AWS SDK the following .env values are used or credentials set ~/.aws/credentials.
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials.html
Key Rotation
If key rotation is enabled, the most recent next rotation date is cached and if it's in the past we force getting the secrets.
Testing
composer test
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email security@tappnetwork.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.
Laravel Package Boilerplate
This package was generated using the Laravel Package Boilerplate.
Laravel Google App Engine (GAE) Datastore Secret Manager
This package was heavily based off of the GAE package. laravel-GAE-secret-manager.