[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Secrets in org-babel
From: |
Greg Minshall |
Subject: |
Re: Secrets in org-babel |
Date: |
Mon, 05 Sep 2022 22:11:55 +0300 |
Felix,
my setup is probably too complicated. and, i don't really know what
"aws secretsmanager" is, or how you interact with it. but, in case this
helps...
i put ("long-term") secrets in pass
----
https://www.passwordstore.org/
----
for "programmatic access" (in particular, for passwords needed by e-mail
sending and retrieving programs), avoiding having to enter my password
every ten minutes (or so), i wrote something called credeface/credepass
----
https://gitlab.com/minshall/credeface
----
which uses git's (!) credential cache for this service
----
https://git-scm.com/docs/git-credential
----
in your case, you might just use `credeface` to first store, then later
retrieve, whatever secrets you get from "aws secretsmanager".
occasionally (`--timeout`), you should be asked by `credeface` to
refresh that value.
----
bash archlinux (master): {1315} credeface --username ipsilon --host example.com
store
this is that
bash archlinux (master): {1316} credeface --username ipsilon --host example.com
get
cannot display secrets on the terminal
bash archlinux (master): {1317} credeface --username ipsilon --host example.com
get | cat
this is that
----
cheers, Greg