- Created by Steffen Drya, last modified on Jan 30, 2021
- Not Reviewed
You are viewing an old version of this page. View the current version.
Compare with Current View Page History
« Previous Version 9 Current »
The root360 platform does provide a default set of environment variables already, e.g. details about other components (databases, cache layers, filesystems and so on) or the current environment (test, stage, prod, ….). Using those environment variables via install.sh you can configure your application with the appropriate endpoints of the environment.
You can enhance or extend this list of variables by adding new items yourself using the r3 suite. The content will be added to an encrypted vault inside AWS SecretsManager.
To verify the values on the targets you’re setting the secrets for, you can run sudo get-application-env
(see here) on these roles.
Variables already being provided by root360 can’t be overwritten.
Prerequisites
You need access to jumphost with you personal Openssh access key. How to access an environment via OpenSSH
Secret name must start with
CUSTOMER_
Secret value size must not exceed
64K
(per secret)
List Secrets
As the secrets scope is per role, you must provide a role parameter.
~$ r3 secret list --role example +----------------------+-----------------------------------------------+ | Secret | Value | +----------------------+-----------------------------------------------+ | CUSTOMER_EXAMPLE_VAR | these-are-not-the-secrets-you-are-looking-for | +----------------------+-----------------------------------------------+
Add/Update secrets
Secrets must be added/updated for a specific role and prefixed with CUSTOMER_
.
~$ r3 secret update --role example --name CUSTOMER_MYVAR --value "may-the-cloud-be-with-you" 2020-11-17 10:42:40 r3-11364 SUCCESS Secret "CUSTOMER_MYVAR" successfully updated. +----------------------+-----------------------------------------------+ | Secret | Value | +----------------------+-----------------------------------------------+ | CUSTOMER_EXAMPLE_VAR | these-are-not-the-secrets-you-are-looking-for | | CUSTOMER_MYVAR | may-the-cloud-be-with-you | +----------------------+-----------------------------------------------+
Delete secrets
Secrets must be deleted for a specific role.
~$ r3 secret delete --role example --name CUSTOMER_MYVAR 2020-11-17 10:44:18 r3-11387 SUCCESS Secret "CUSTOMER_MYVAR" successfully deleted. +----------------------+-----------------------------------------------+ | Secret | Value | +----------------------+-----------------------------------------------+ | CUSTOMER_EXAMPLE_VAR | these-are-not-the-secrets-you-are-looking-for | +----------------------+-----------------------------------------------+
Recommended Articles
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
-
Page:
INTERMEDIATE
- No labels