Skip to content
/ aws-init Public

Secure runtime secret injection and init process for containers using AWS Secrets Manager and AWS SSM Parameter Store.

License

View license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cmecca/aws-init

BranchesTags

Repository files navigation

aws-init

A lightweight init process for containers that securely resolves AWS Secrets Manager and AWS SSM Parameter Store values at runtime.

Full documentation: pkg.go.dev/cmecca.io/aws-init

Installation

go get cmecca.io/aws-init@latest

Usage

aws-init command [args...]

Set environment variables with aws-secret: prefixes:

export DATABASE_URL="aws-secret:myapp/prod#database_url"
export API_KEY="aws-secret:myapp/api"
aws-init python app.py

Flags

  • -v show version
  • -h health check

Secret Formats

Secrets Manager:

SIMPLE_SECRET=aws-secret:myapp/api
JSON_KEY=aws-secret:myapp/config#database_url

Parameter Store:

PARAMETER=aws-secret:/aws/reference/secretsmanager/myapp/token

Authentication

Uses standard AWS credential chain (IRSA, instance profile, etc).

License

See LICENSE for terms.

Disclaimer

Per the NOTICE, this is a personal project developed in my individual capacity. It is not affiliated with or endorsed by Amazon Web Services, Inc.

aws-init was built with Go 1.23

aws-init

About

Secure runtime secret injection and init process for containers using AWS Secrets Manager and AWS SSM Parameter Store.

Topics

go docker kubernetes golang aws devops ssm init-containers parameter-store eks secrets-manager irsa

Resources

Readme

License

View license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 2

v1.0.1 Latest
Jun 1, 2025
+ 1 release

Packages

No packages published

Languages