|
2 | 2 |
|
3 | 3 | 🚀 **Automate Parameter & Secret Management in Serverless Framework** |
4 | 4 |
|
| 5 | +## 📌 Why We Introduced This Plugin |
| 6 | +Managing secrets and parameters in AWS while working with the Serverless Framework can be tedious and error-prone. Developers often need to: |
| 7 | +- Manually define parameters and secrets in `serverless.yml`. |
| 8 | +- Ensure sensitive information isn't exposed. |
| 9 | +- Handle dynamic secrets without hardcoding values. |
| 10 | +- Simplify overrides and updates without modifying multiple files. |
| 11 | + |
| 12 | +To solve these problems, we built **Serverless Dynamic Secrets Plugin**, which automates secret and parameter creation, ensuring secure, efficient, and scalable deployments. |
| 13 | + |
| 14 | +--- |
5 | 15 |
|
6 | 16 | ## 📌 Overview |
7 | 17 |
|
|
10 | 20 | - **Generates AWS Secrets Manager resources dynamically** using parameter values. |
11 | 21 | - **Supports parameter overrides** via CLI and files. |
12 | 22 | - **Prevents secret exposure** by setting `NoEcho: true`. |
| 23 | +- **Supports encryption using AWS KMS** (future roadmap feature). |
| 24 | +- **Allows secret fetching from AWS S3** (future roadmap feature). |
13 | 25 |
|
14 | | -This eliminates the **manual effort of defining parameters and secrets** in your `serverless.yml`! |
| 26 | +This eliminates the **manual effort of defining parameters and secrets** in your `serverless.yml` and ensures better security practices. |
15 | 27 |
|
16 | 28 | --- |
17 | 29 |
|
18 | 30 | ## 🛠 Installation |
19 | 31 |
|
20 | 32 | ### Using npm |
21 | 33 | ```bash |
22 | | -npm install --save-dev serverless-dynamic-secrets |
| 34 | +npm install --save-dev @distinction-dev/serverless-dynamic-secrets |
23 | 35 | ``` |
24 | 36 |
|
25 | 37 | ### Using yarn |
26 | 38 | ```bash |
27 | | -yarn add -D serverless-dynamic-secrets |
28 | | -``` |
| 39 | +yarn add -D @distinction-dev/serverless-dynamic-secrets |
| 40 | +``` |
| 41 | + |
| 42 | +--- |
| 43 | + |
| 44 | +## 🚀 How to Use |
| 45 | + |
| 46 | +### 1️⃣ Define Your Secrets and Parameters |
| 47 | +Create a `params.json` file with the structure: |
| 48 | +```json |
| 49 | +{ |
| 50 | + "DB_PASSWORD": "supersecurepassword", |
| 51 | + "API_KEY": "your-api-key" |
| 52 | +} |
| 53 | +``` |
| 54 | + |
| 55 | +### 2️⃣ Add the Plugin to `serverless.yml` |
| 56 | +```yaml |
| 57 | +plugins: |
| 58 | + - '@distinction-dev/serverless-dynamic-secrets' |
| 59 | +``` |
| 60 | +
|
| 61 | +### 3️⃣ Deploy with Secrets Management |
| 62 | +```bash |
| 63 | +npx serverless deploy --parameter-file params.json |
| 64 | +``` |
| 65 | + |
| 66 | +--- |
| 67 | + |
| 68 | +## 🌟 Features (Roadmap) |
| 69 | +✅ **Automatic CloudFormation Parameter & Secrets Manager Resource Creation** (Completed) |
| 70 | +🛠 **Custom Config for File Name** (Planned) |
| 71 | +🛠 **Secret Metadata Support** (Planned) |
| 72 | +🛠 **Override Existing Secrets** (Planned) |
| 73 | +🛠 **Conflict Handling with Prefixes** (Planned) |
| 74 | +🛠 **KMS Encryption Support** (Planned) |
| 75 | +🛠 **S3-Based Secret Management** (Planned) |
| 76 | +🛠 **Cross-Account Secret Access** (Planned) |
| 77 | +🛠 **SSM Parameter Store Support** (Planned) |
| 78 | +🛠 **Generalization for Masked/Unmasked Values** (Planned) |
| 79 | + |
| 80 | +--- |
| 81 | + |
| 82 | +## 🎯 Why Use This Plugin? |
| 83 | +✔ **Saves Time** – No more manually defining parameters and secrets. |
| 84 | +✔ **Secure by Default** – Prevents secret exposure using `NoEcho: true`. |
| 85 | +✔ **Flexible & Scalable** – Works with any Serverless project. |
| 86 | +✔ **Easy to Use** – Just add a JSON file and deploy! |
| 87 | + |
| 88 | +--- |
| 89 | + |
| 90 | +## 💬 Need Help? |
| 91 | +Have questions or suggestions? Join our dev community or open an issue on GitHub! Let's make serverless development smarter together. 💪🔥 |
0 commit comments