Support for AWS secrets manager and parameter store

josmo / drone-ecs

Drone plugin for triggering Amazon EC2 Container Service (ECS) deployments

Apache License 2.0

30 stars 41 forks source link

Support for AWS secrets manager and parameter store #56

Closed jtallinger closed 3 years ago

jtallinger commented 3 years ago

Hi,

When using Drone secrets manager the secret variables are visible in plain text in the task definition. I had a requirement from my cybersecurity team to use AWS secrets manager or Parameter store (in systems manager) for all secrets. This pull request adds support for this.

Example:

  - name: deploy
    image: tallinger/drone-ecs:latest
    settings:
      ...
      secrets_manager_variables:
        - APP_KEY=arn:aws:ssm:eu-central-1:1234567890:parameter/secrets/app_key

josmo commented 3 years ago

Thanks for the contribution @jtallinger