AWS Secrets
Sync your secrets to AWS Secrets when an environment variable is changed.
Instructions
Step 1
Navigate to the add-ons page. Click AWS Secrets. Then click Connect AWS Secrets.
Step 2
On the next page, generate an AWS IAM user and paste in its credentials.
Important: The AWS IAM user must have the correct permissions. Below is an example policy. It allows every listed action on all secrets in the account ("Resource": "*"), so modify it for your security needs.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "secretsmanager:UntagResource",
                "secretsmanager:DescribeSecret",
                "secretsmanager:DeleteResourcePolicy",
                "secretsmanager:PutSecretValue",
                "secretsmanager:CreateSecret",
                "secretsmanager:DeleteSecret",
                "secretsmanager:CancelRotateSecret",
                "secretsmanager:ListSecretVersionIds",
                "secretsmanager:UpdateSecret",
                "secretsmanager:GetRandomPassword",
                "secretsmanager:GetResourcePolicy",
                "secretsmanager:GetSecretValue",
                "secretsmanager:StopReplicationToReplica",
                "secretsmanager:PutResourcePolicy",
                "secretsmanager:ReplicateSecretToRegions",
                "secretsmanager:RestoreSecret",
                "secretsmanager:RotateSecret",
                "secretsmanager:UpdateSecretVersionStage",
                "secretsmanager:ValidateResourcePolicy",
                "secretsmanager:RemoveRegionsFromReplication",
                "secretsmanager:ListSecrets",
                "secretsmanager:TagResource"
            ],
            "Resource": "*"
        }
    ]
}
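A narrower variant of the policy above, added here as an example and not taken from Dotenv's documentation. It assumes the sync only needs to create, read, update and tag secrets, and that the config path from Step 3 is used as the secret name or name prefix; REGION, ACCOUNT_ID and CONFIG_PATH are placeholders, and the action list is an assumption to verify against a test sync before relying on it.

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AssumedSyncActionsScopedToConfigPath",
            "Effect": "Allow",
            "Action": [
                "secretsmanager:CreateSecret",
                "secretsmanager:DescribeSecret",
                "secretsmanager:GetSecretValue",
                "secretsmanager:PutSecretValue",
                "secretsmanager:UpdateSecret",
                "secretsmanager:TagResource"
            ],
            "Resource": "arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:CONFIG_PATH*"
        },
        {
            "Sid": "ListSecretsHasNoResourceLevelScope",
            "Effect": "Allow",
            "Action": "secretsmanager:ListSecrets",
            "Resource": "*"
        }
    ]
}
```

The trailing `*` on the ARN is needed because Secrets Manager appends a random suffix to each secret's ARN. Leaving out `PutResourcePolicy`, `DeleteSecret` and the replication actions means leaked integration credentials cannot be used to re-share, delete or copy secrets to another region.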
Step 3
Lastly, set up the AWS Secrets config path and region.
That’s it! 🎉 Your secrets are now synced to AWS Secrets and will continue to stay in sync when you modify your secrets.
Thank you for using Dotenv with AWS Secrets.