mirror of
https://github.com/fleetdm/fleet
synced 2026-05-24 09:28:54 +00:00
48760fec58
Adds support for reading server `private_key` from AWS Secrets Manager. Combined with #31075, this should allow removing all common sensitive secrets from the environment/config (if I missed any let me know). This works with localstack for local development (set `AWS_ENDPOINT_URL=$LOCALSTACK_URL`, `AWS_ACCESS_KEY_ID=test`, and `AWS_SECRET_ACCESS_KEY=test`). I did not include config options for `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` because they are a bad practice vs role credentials and defeat the purpose of this feature which is to remove secrets from the environment/config. # Checklist for submitter If some of the following don't apply, delete the relevant line. <!-- Note that API documentation changes are now addressed by the product design team. --> - [x] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/guides/committing-changes.md#changes-files) for more information. - [x] Added/updated automated tests - [x] Manual QA for all new/changed functionality --------- Co-authored-by: Scott Gress <scott@fleetdm.com> |
||
|---|---|---|
| .. | ||
| cpe | ||
| cve | ||
| fleet | ||
| fleetctl | ||
| gitops-migrate | ||
| macoffice | ||
| maintained-apps | ||
| msrc | ||
| osquery-perf | ||