-
**Describe the solution you'd like**
At the moment it does not seem possible to define a customer managed KMS key which should be used to encrypt a secret at rest. Is it possible to add this?
-
Hello, I'm trying to run `terraform init` in a clean `env/dev` folder and am receiving multiple errors due to "Duplicated local value definition".
Terraform version: v0.14.0
```
Error: Duplica…
-
I would like to be able to write something like this:
```yaml
creation_rules:
- path_regex: 'secrets\.(.*)\.(.*).yaml'
key_groups:
- kms:
- arn: arn:aws:kms:eu-central-1:999999:alias/s…
-
# Inspiration:
https://www.fpcomplete.com/blog/announcing-amber-ci-secret-tool/
# Implementation:
An assymetric keypair is created in AWS KMS (Key Managment System). The public half of the …
-
https://ocs4-jenkins-csb-odf-qe.apps.ocp-c1.prod.psi.redhat.com/job/qe-deploy-ocs-cluster/41837/consoleText
> [2024-09-06T11:26:22.060Z] 07:26:21 - MainThread - tests.functional.pv.pv_encryption.te…
-
Rather than writing secrets into a bucket with the default KMS key, it would be great to have support for [Secrets Manager](https://aws.amazon.com/secrets-manager/).
-
The goal of this new functionality would be to encrypt secrets pushed to parameter store as SecureString type with a specified Customer Managed KMS Key.
This feature will add security to the parame…
-
I'd like to be able to allow *anyone* to encrypt secrets to me; but only allow decryption through sops/KMS.
AWS support this with key_usage of `ENCRYPT_DECRYPT`. https://docs.aws.amazon.com/kms/lates…
-
Currently secrets (such as the GitHub and Slack API keys) are stored as plaintext (along with the rest of the config) in DynamoDB. Only those with DynamoDB access can see these credentials, and a lot …
mhart updated
6 years ago
-
Currently plan files persisted in workplace artifacts in GitHub are not encrypted (see #817). This is a security concern because plan artifacts contain a snapshot of state, which can contain sensitive…