Aws ssm parameter store #55
Conversation
Develop to main for 1.3.0 release
…-providers into aws_ssm_parameter_store Pulling last commits from develop branch before PR
kacem-expereo
requested review from
itdependsnetworks,
jathanism and
jedelman8
as code owners
|
Hi there @kacem-expereo. Thank you for the contribution! Thank you for your patience as we've been all hands on deck working on Nautobot v2 and external contributions have been difficult to balance. |
README.md
Outdated
| @@ -60,9 +60,9 @@ For this plugin to operate you must install at least one of the dependent librar | |||
|
|
|||
| **You must install the dependencies for at least one of the supported secrets providers or a `RuntimeError` will be raised.** | |||
|
|
|||
| #### AWS Secrets Manager | |||
| #### AWS Secrets Manager, AWS System Manager Parameter Store | |||
There was a problem hiding this comment.
Having both names in the same heading is a bit awkward to me. Can you please change this to just "AWS" and then add a sentence here to the effect of:
"AWS Secrets Manager and System Manager Parameter Store are supported."
There was a problem hiding this comment.
Also, can you please add a row for "AWS System Manager Parameter Store" to the table under the "Supported Secrets Backends" heading at the top of this file?
There was a problem hiding this comment.
I agree with this suggestion. Also it looks like System Manager should be Systems Manager throughout?
README.md
Outdated
| @@ -60,9 +60,9 @@ For this plugin to operate you must install at least one of the dependent librar | |||
|
|
|||
| **You must install the dependencies for at least one of the supported secrets providers or a `RuntimeError` will be raised.** | |||
|
|
|||
| #### AWS Secrets Manager | |||
| #### AWS Secrets Manager, AWS System Manager Parameter Store | |||
There was a problem hiding this comment.
I agree with this suggestion. Also it looks like System Manager should be Systems Manager throughout?
nautobot_secrets_providers/templates/nautobot_secrets_providers/home.html
Outdated
Show resolved
Hide resolved
Co-authored-by: Glenn Matthews <glenn.matthews@networktocode.com>
|
Thanks @bryanculver @glennmatthews ! No worries I've been following your work on nautobot v2 as well J |
Hi Team, as proposed in #51
I propose to use Parameter Store as a new Secret manager source.
Parameter store is 8 times cheaper than Secret manager and can be used as a key/pair storage using a simple json as follows:
{"password": "SecretToStore"}The key here is 'password' , provider 'parameter store' and region to be defined accordingly.
Test coverage is 91%
A function "get_value_for_secret(secret)" allows other plugins to fetch the secret from SSM.
Parameter store requires exactly the same setup as Secret Manager.
Thank you in advance for your time.