Allow data encryption key read from env var for AWS Keystore

reidmorrison / symmetric-encryption

Symmetric Encryption for Ruby Projects using OpenSSL

https://logger.rocketjob.github.io/

Apache License 2.0

476 stars 92 forks source link

Allow data encryption key read from env var for AWS Keystore #149

Closed ram-nadella closed 3 years ago

ram-nadella commented 3 years ago

Environment

Ruby Version: 2.6
Symmetric Encryption Version: 4.3.2
Application/framework names and versions: Rails 6.x
Keystore: AWS

Expected Behavior

(not a bug, new feature)

Be able to read the data encryption key from an env var when using the AWS Keystore instead of file to avoid putting keys on the filesystem.

Actual Behavior

Feature does not exist

Pull Request

https://github.com/rocketjob/symmetric-encryption/pull/148 (Work in progress)

reidmorrison commented 3 years ago

We have switched away from the complex configuration file and now use Secret Config to hold the encryption keys. It also holds all of our passwords and other configuration settings. We found it much simpler to manage, and is also secured by a KMS key. https://config.rocketjob.io/