{ "info": { "author": "German Gomez-Herrero", "author_email": "german@findhotel.net", "bugtrack_url": null, "classifiers": [ "Programming Language :: Python :: 3" ], "description": "Secrets Vault\n=============\n\n|Build Status| |PyPI|\n\nA\n`humilis `__\nplugin that implements a ``secrets-vault`` layer. The layer consists of\nan encrypted DynamoDB table that serves secrets to Lambda functions in\nthe same humilis environment. The encryption and decryption of secrets\nis handled by AWS `KMS service `__.\n\nInstallation\n------------\n\nFrom `PyPI `__:\n\n::\n\n pip install humilis-secrets-vault\n\nTo install the dev version:\n\n::\n\n pip install git+https://github.com/InnovativeTravel/humilis-secrets-vault\n\nHow do I use this?\n------------------\n\nSimply add this layer to your\n`humilis `__\nenvironment and use the layer parameter ``associated_processors`` to\nspecify the layers that contain the Lambda functions that require access\nto the secrets in the vault. For example, the environment below deploys\na Lambda function that processes events in a Kinesis stream. The Lambda\nprocessor is granted access to the secrets vault that is also part of\nthe same environment:\n\n::\n\n ---\n myenvironment:\n description:\n An environment with a Lambda processor to filter events in a Kinesis\n stream.\n\n layers:\n - layer: streams\n layer_type: streams\n streams:\n - name: InputStream\n shard_count: 1\n\n - layer: event-processor\n layer_type: kinesis-processor\n dependencies: [\"streams\"]\n input: {layer: streams, stream: InputStream}\n\n - layer: secrets-vault\n layer_type: secrets-vault\n # We specify that the Lambda function in the event-processor layer\n # should have access to the secrets in the vault.\n associated_processors: [\"event-processor\"]\n\nThe ``secrets-vault`` layer expects that the layer(s) that contain the\nLambda processor(s) expose a layer output ``LambdaFunctionArn`` with the\nARN of the Lambda function that should have access to the secrets in the\nvault. Layers of type\n`kinesis-processor `__\nas in the example above fulfil this expectation so they will work\nout-of-the-box.\n\nRetrieving secrets\n~~~~~~~~~~~~~~~~~~\n\nThe easiest way of retrieving secrets from your Lambda function is to\ninclude package\n`lambdautils `__ as a\ndepencency.\n\nThen you can easily retrieve secrets from the vault within your Lambda\ncode as follows:\n\n::\n\n import lambdautils.utils as utils\n\n # Assuming that you are deploying this Lambda with humilis the line below\n # will indicate humilis to preprocess this function with Jinja2 before\n # producing the Lambda deployment package.\n # preprocessor:jinja2\n\n # During deployment, humilis will replace here the name of the humilis\n # environment and deployment stage.\n ENVIRONMENT = \"{{_env.name}}\"\n STAGE = \"{{_env.stage}}\"\n\n plaintext = utils.get_secret(\n \"my_secret_key\", environment=ENVIRONMENT, stage=STAGE)\n\nStoring secrets\n~~~~~~~~~~~~~~~\n\nYou can use\n`humilis `__\nto store secrets in the vault from the command line:\n\n::\n\n humilis set-secret --stage [STAGE] [ENVIRONMENT_FILE] [SECRET_KEY] [SECRET_VALUE]\n\nDevelopment\n-----------\n\nAssuming you have\n`virtualenv `__\ninstalled:\n\n::\n\n make develop\n\nConfigure humilis:\n\n::\n\n .env/bin/humilis configure --local\n\nTesting\n-------\n\nYou can test the deployment of the secrets vault using:\n\n.. code:: bash\n\n make create\n\nThen you can then run the integration test suite (TBD):\n\n::\n\n make testi\n\nDon't forget to delete the test deployment once you are done:\n\n.. code:: bash\n\n make delete\n\nMore information\n----------------\n\nSee\n`humilis `__\ndocumentation.\n\nContact\n-------\n\nIf you have questions, bug reports, suggestions, etc. please create an\nissue on the `GitHub project\npage `__.\n\nLicense\n-------\n\nThis software is licensed under the `MIT\nlicense `__.\n\nSee `License\nfile `__.\n\n\u00a9 2016 German Gomez-Herrero, `Find\nHotel `__ and others.\n\n.. |Build Status| image:: https://travis-ci.org/humilis/humilis-secrets-vault.svg?branch=master\n :target: https://travis-ci.org/humilis/humilis-secrets-vault\n.. |PyPI| image:: https://img.shields.io/pypi/v/humilis-secrets-vault.svg?style=flat\n :target: https://pypi.python.org/pypi/humilis-secrets-vault", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://github.com/humilis/humilis-secrets-vault", "keywords": null, "license": "MIT", "maintainer": null, "maintainer_email": null, "name": "humilis-secrets-vault", "package_url": "https://pypi.org/project/humilis-secrets-vault/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/humilis-secrets-vault/", "project_urls": { "Download": "UNKNOWN", "Homepage": "http://github.com/humilis/humilis-secrets-vault" }, "release_url": "https://pypi.org/project/humilis-secrets-vault/0.2.4/", "requires_dist": null, "requires_python": null, "summary": "Humilis layer that deploys a secrets vault", "version": "0.2.4" }, "last_serial": 2200684, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "a8edf1f1687ab66e9fd6f795f39064aa", "sha256": "037a0903ea2a168799f67e6560a51eabf6d1442487ef57e1c10f70b92f009b92" }, "downloads": -1, "filename": "humilis-secrets-vault-0.0.1.tar.gz", "has_sig": false, "md5_digest": "a8edf1f1687ab66e9fd6f795f39064aa", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3090, "upload_time": "2016-03-09T23:07:56", "url": "https://files.pythonhosted.org/packages/56/bc/0d40be7ccfa86b34e8b6ffb726a2c9e29351a604e886fff9ac5e747d41d8/humilis-secrets-vault-0.0.1.tar.gz" } ], "0.0.2": [ { "comment_text": "", "digests": { "md5": "e1ab3e3b311079fc6c8d1e5618b9ade1", "sha256": "dac3f53a12e7317ee450b28ff1a9f75112cab8192b5af40a9bc987f08f557cd2" }, "downloads": -1, "filename": "humilis-secrets-vault-0.0.2.tar.gz", "has_sig": false, "md5_digest": "e1ab3e3b311079fc6c8d1e5618b9ade1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3090, "upload_time": "2016-03-09T23:09:33", "url": "https://files.pythonhosted.org/packages/b2/88/041c81f3d3331f441fedcaf6e02ed6cb11032b936ad51c7297849ea69274/humilis-secrets-vault-0.0.2.tar.gz" } ], "0.1.0": [ { "comment_text": "", "digests": { "md5": "e377b3c107e00055b897cdda5dd96eba", "sha256": "8dec0fcf355b450d9c3d311efeadcb6d513e19b3e58094d885dc71b33e8673be" }, "downloads": -1, "filename": "humilis-secrets-vault-0.1.0.tar.gz", "has_sig": false, "md5_digest": "e377b3c107e00055b897cdda5dd96eba", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3469, "upload_time": "2016-06-25T21:46:35", "url": "https://files.pythonhosted.org/packages/51/5a/11f0987bc44b98cb31e4cf49236a8197bd099e8e0a448ac2e3f4df4cf766/humilis-secrets-vault-0.1.0.tar.gz" } ], "0.2.0": [ { "comment_text": "", "digests": { "md5": "97b92c3f9094746cdb44869a9b867b03", "sha256": "1341a7bead038c6f6f35cc9951596978e0f308d50c63659bd296d91c5b94581d" }, "downloads": -1, "filename": "humilis-secrets-vault-0.2.0.tar.gz", "has_sig": false, "md5_digest": "97b92c3f9094746cdb44869a9b867b03", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3481, "upload_time": "2016-07-01T09:12:06", "url": "https://files.pythonhosted.org/packages/64/fc/0e7f6c805c4bee547f2a8eac7f68e185c9c8c612f956db9d8795ae4cd6b6/humilis-secrets-vault-0.2.0.tar.gz" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "1ee1837b5c9adc05a050c02c08f54578", "sha256": "491dcc541482e7409eaca614b24e5a46f7d9d6f04251a8fcfe6464de52ba4cc6" }, "downloads": -1, "filename": "humilis-secrets-vault-0.2.1.tar.gz", "has_sig": false, "md5_digest": "1ee1837b5c9adc05a050c02c08f54578", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3478, "upload_time": "2016-07-01T09:15:18", "url": "https://files.pythonhosted.org/packages/de/0b/cb3c20808a192aa930366dbdfbc7a3f61c1db7f1139b1ea02455e6e417c7/humilis-secrets-vault-0.2.1.tar.gz" } ], "0.2.2": [ { "comment_text": "", "digests": { "md5": "c808c25f2717fa66649977dbd076a083", "sha256": "a2e976ca643daa6e00a62f3b2703e4db7e6739fbc545267decac032defef5e38" }, "downloads": -1, "filename": "humilis-secrets-vault-0.2.2.tar.gz", "has_sig": false, "md5_digest": "c808c25f2717fa66649977dbd076a083", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4725, "upload_time": "2016-07-01T09:35:17", "url": "https://files.pythonhosted.org/packages/91/8c/4154f616cecc17034c9a36173adaed9aac79680d7812b5531d8aa166a9dc/humilis-secrets-vault-0.2.2.tar.gz" } ], "0.2.3": [ { "comment_text": "", "digests": { "md5": "0b45c94cdaa6d74a84276505416c6ff4", "sha256": "7da977b29743be90cbe40065b606250cff2b81b0d39e919d4fb02050da044bc5" }, "downloads": -1, "filename": "humilis-secrets-vault-0.2.3.tar.gz", "has_sig": false, "md5_digest": "0b45c94cdaa6d74a84276505416c6ff4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4712, "upload_time": "2016-07-03T17:37:01", "url": "https://files.pythonhosted.org/packages/43/58/d879d0db0131260de59b7c8fe897b633e3ef92bf6a1172c7126e25726e17/humilis-secrets-vault-0.2.3.tar.gz" } ], "0.2.4": [ { "comment_text": "", "digests": { "md5": "da47a6747c3da442b48a77c1898145f1", "sha256": "36ca98ebc6b80c3b159c4ce1b0d0c95f8a981e3f6bb0d44174ae9d24fa9e99f5" }, "downloads": -1, "filename": "humilis-secrets-vault-0.2.4.tar.gz", "has_sig": false, "md5_digest": "da47a6747c3da442b48a77c1898145f1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4736, "upload_time": "2016-07-03T17:38:22", "url": "https://files.pythonhosted.org/packages/0a/ca/25397932e73eb99fc19f91d75533261ef1d846501ca58cbbae9c5c42256d/humilis-secrets-vault-0.2.4.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "da47a6747c3da442b48a77c1898145f1", "sha256": "36ca98ebc6b80c3b159c4ce1b0d0c95f8a981e3f6bb0d44174ae9d24fa9e99f5" }, "downloads": -1, "filename": "humilis-secrets-vault-0.2.4.tar.gz", "has_sig": false, "md5_digest": "da47a6747c3da442b48a77c1898145f1", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4736, "upload_time": "2016-07-03T17:38:22", "url": "https://files.pythonhosted.org/packages/0a/ca/25397932e73eb99fc19f91d75533261ef1d846501ca58cbbae9c5c42256d/humilis-secrets-vault-0.2.4.tar.gz" } ] }