Terraspace Secrets with AWS: Don’t Commit Secrets into Git, Instead Use SSM and Secrets Manager

Terraspace Secrets with AWS: Don’t Commit Secrets into Git, Instead Use SSM and Secrets Manager

January 4, 2022

Tags:

terraform terraspace aws

Committing secrets into your source version control is not a good practice. We'll show you how to use AWS SecretsManager and SSM Parameter Store to store and use secrets safely instead.

Commands

In the video, to focus on learning, we mainly use the AWS Console to create the secrets. Once you get used to it, here are some useful CLI commands:

aws secretsmanager create-secret --name demo-dev-user --secret-string bob
aws secretsmanager create-secret --name demo-dev-pass --secret-string secret
aws secretsmanager list-secrets
aws secretsmanager get-secret-value --secret-id demo-dev-user
aws secretsmanager get-secret-value --secret-id demo-dev-pass
aws secretsmanager delete-secret --force-delete-without-recovery --secret-id demo-dev-user
aws secretsmanager delete-secret --force-delete-without-recovery --secret-id demo-dev-bob

Links:

Terraspace Docs: AWS Secrets
GitHub: boltops-learn/terraspace-aws-secrets

Explore lesson as part of a learning path

AWS and Terraform Terraform and Terraspace

Get full access to these great resources

All for less than the price of coffee a day

44 courses

286 lessons

46+ hours

Get started with BoltOps Learn now and get access to easy and powerful lessons

Get started with BoltOps Learn

BoltOps Tools

Terraspace: The Terraform Framework

It provides an organized structure, conventions over configurations, keeps your code DRY, and adds convenient tooling. Terraspace makes working with Terraform easier and more fun.
Jets: The Ruby Serverless Framework

Ruby on Jets allows you to create and deploy serverless services with ease, and to seamlessly glue AWS services together with the most beautiful dynamic language: Ruby. It includes everything you need to build an API and deploy it to AWS Lambda. Jets leverages the power of Ruby to make serverless joyful for everyone.
AWS CodeBuild Tool

Cody is a AWS CodeBuild management tool. Cody simplifies creating and managing AWS CodeBuild projects. Comes with a powerful DSL.
Lono: The CloudFormation Framework

Building infrastructure-as-code is challenging. Lono makes it much easier and fun. It includes everything you need to manage and deploy infrastructure-as-code.
Kubes: Kubernetes Deployment Tool

Kubes is a Kubernetes Deployment Tool. It builds the docker image, creates the Kubernetes YAML, and runs kubectl apply. It automates the deployment process and saves you precious finger-typing energy.