floehopper
commented
5 years ago Another option would be to store them in the repo, but encrypt them with a key supplied in an environment variable and stored in our shared 1Password vault.
Open floehopper opened 5 years ago
floehopper
commented
5 years ago Another option would be to store them in the repo, but encrypt them with a key supplied in an environment variable and stored in our shared 1Password vault.
Currently the production deployment relies on environment variables which are not included in the repository. Given that it's private, we could add them to the repo, but it might be more appropriate to put them in the AWS parameter store and have the lambda functions obtain them from there.