trenaldas/hush-hush

AWS Secrets Manager helper package

Maintainers

Details

github.com/trenaldas/hush-hush

Source

Issues

Installs: 97

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 0

Open Issues: 0

1.4 2021-11-24 10:05 UTC

Requires

MIT b126283688075cc5e2a0a18259979019d36f4af7

  • Renaldas Tauras <t.renaldas.woop@gmail.com>

managerawslaravelsecretsaws-sdkhush-hush

This package is auto-updated.

Last update: 2025-06-24 18:50:32 UTC

README

Latest Stable Version Total Downloads Latest Unstable Version License Monthly Downloads

Composer package to help with AWS Secrets Manager service secrets (hush-hushes). This package will automatically update your database credentials from AWS Secrets Manager secret.

Installation

Use Composer to install Hush-Huhs to your Laravel project

composer require trenaldas/hush-hush

After installing Hush-Hush Composer package, use command below:

php artisan hush-hush:install

This will publish config file to config/hush-hush.php and will create empty hush-hush.yml file in your root directory.

Config File

Config file has three main configs:

environments
exception_throw
every_request

'environment' config describes the environments you want your secrets to be retrieved at. It's set to have two most common environments by default: staging and production. You should amend these accordingly with your project environment names (best do it before running database and secret commands).

'exception_throw' config is set to false by default. This will log errors in case of any failure (fore example while running composer install in the environment that does not have access to AWS SM)

'every_request' config is set to true by default. Calls SM with every request, if set to false - checks if connection is okay, and if not, calls SM to update db credentials.

Usage

For database login details

Use command:

php artisan hush-hush:database

For any other secret to store

Use command:

php artisan hush-hush:create-secret

All secrets created can be manually edited, deleted or added in hush-hush.yml file.

To get secrets anywhere in your code

Use class HushHush function uncover('localSecretName') to get secret.

.yml file example

database:
  name: mysql
  environemts:
    local: hush-hush-secret-local
    staging: hush-hush-secret-staging
    production: hush-hush-secret-production
secrets:
  local_secret_name:
    local_name: app-secret
    environments:
      local: hush-hush-local
      staging: hush-hush-staging
      production: hush-hush-production
  local_super_secret_name:
    local_name: my-api-login
    environments:
      local: hush-hush-super-local
      staging: hush-hush-super-staging
      production: hush-hush-super-production

Authors

  _   _           _           _   _           _
 | | | |_   _ ___| |__       | | | |_   _ ___| |__
 | |_| | | | / __| '_ \ _____| |_| | | | / __| '_ \
 |  _  | |_| \__ \ | | |_____|  _  | |_| \__ \ | | |
 |_| |_|\__,_|___/_| |_|     |_| |_|\__,_|___/_| |_|