Versions Compared

Old Version 7

changes.mady.by.user Steffen Drya

Saved on

compared with

New Version 8

changes.mady.by.user Steffen Drya

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The root360 platform does provide a default set of environment variables already, e.g. details about other components (databases, cache layers, filesystems and so on) or the current environment (test, stage, prod, ….). Using those environment variables via install.sh you can configure your application with the appropriate endpoints of the environment.

You can enhance or extend this list of variables by adding new items yourself using the CLI-Suite (root360). The content will be added to an encrypted vault inside AWS SecretsManager.

To verify the values on the targets you’re setting the secrets for, you can run sudo get-application-env (see here How to access a database via SSH tunnel?) on these roles.

Note

Variables already being provided by Managed AWS Hosting platform can’t be overwritten. Duplicate variable names will be post-fixed with _CONFLICTING_KEY.

Preconditions

List Secrets

As the secrets scope is per role, you must provide a role parameter.

Code Block
~$ r3 secret list --role example
+-------------+-----------------------------------------------+
|   Secret    |                     Value                     |
+-------------+-----------------------------------------------+
| EXAMPLE_VAR | these-are-not-the-secrets-you-are-looking-for |
+-------------+-----------------------------------------------+

Add/Update secrets

Secrets must be added/updated for a specific role.

Code Block
~$ r3 secret update --role example --name MYVAR --value "may-the-cloud-be-with-you"
2020-11-17 10:42:40 r3-11364 SUCCESS  Secret "MYVAR" successfully updated.
+-------------+-----------------------------------------------+
|   Secret    |                     Value                     |
+-------------+-----------------------------------------------+
| EXAMPLE_VAR | these-are-not-the-secrets-you-are-looking-for |
| MYVAR       | may-the-cloud-be-with-you                     |
+-------------+-----------------------------------------------+

Delete secrets

Secrets must be deleted for a specific role.

Code Block
~$ r3 secret delete --role example --name MYVAR
2020-11-17 10:44:18 r3-11387 SUCCESS  Secret "MYVAR" successfully deleted.
+-------------+-----------------------------------------------+
|   Secret    |                     Value                     |
+-------------+-----------------------------------------------+
| EXAMPLE_VAR | these-are-not-the-secrets-you-are-looking-for |
+-------------+-----------------------------------------------+

Related tutorials

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel in ( "deployment" , "application" , "r3-suite" , "secrets" ) and ancestor = "2014352487" and space = currentSpace ( )

Related components

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel in ( "deployment" , "application" , "r3-suite" , "secrets" ) and ancestor = "2014350220" and space = currentSpace ( )

Status
colourYellow
titleintermediate

Table of Contents
exclude(Related * | Recommended * |Table of contents).*

Filter by label (Content by label)
showLabelsfalse
max10
showSpacefalse
sorttitle
titleRelated questions
cqllabel in ( "database" , "backup" , "snapshot" , "r3-suite" , "deployment" ) and space = currentSpace ( ) and ancestor = "1539539030"