Skip to content
/ decrypt-and-start Public

Rewrite of kms-encryption-toolbox's decrypt-and-start in Go

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ApplauseOSS/decrypt-and-start

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

155 Commits
.github
.github
 
 
ci
ci
 
 
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
CODEOWNERS
CODEOWNERS
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

decrypt-and-start

This project began as a shell script to invoke the kms-encryption decrypt on the variables in the environment, looking for anything with a prefix of "decrypt:", decrypting it using AWS KMS using the instance's profile, and exporting the decrypted value back to the environment before exec to the next command.

This is used as a Docker entrypoint for containers to be able to decrypt encrypted environment variables passed into it.

Usage

This project is a replacement for the ApplauseOSS/kms-encryption-toolbox supplied shell script, decrypt-and-start.

It can be run as:

$ decrypt-and-start some other program

It can also take an optional flag to control the number of parallel workers:

$ decrypt-and-start -p 20 -- some other program

Tool can also assume other role for kms access

$ decrypt-and-start --assume-role arn:aws:iam::XXXXXXXXX:role/YYYY some other program

About

Rewrite of kms-encryption-toolbox's decrypt-and-start in Go

Topics

aws encryption aes kms

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

19 watching

Forks

0 forks
Report repository

Releases 9

v0.5.2 Latest
Mar 25, 2024
+ 8 releases

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages