External Secrets Plugin

We've launched a plugin that allows injecting secrets directly into a session, this allow administrators to have a more secure setup when provisioning credentials. This plugin have two options: * Derived secrets from environment variables inside an agent * Derived secrets from AWS secrets manager The pre-requisite is that secrets are encoded as JSON, so in practice, this: * ENV_CONFIG='{"PG_PWD": "mypgsecret"}' Is mapped to a session as YOURKEY=mypgsecret In a nutshell # create a conne

Free White Paper

External Secrets Operator (K8s): The Complete Guide

Architecture patterns, implementation strategies, and security best practices. Delivered to your inbox.

Andrios Robert

We've launched a plugin that allows injecting secrets directly into a session, this allow administrators to have a more secure setup when provisioning credentials.

This plugin have two options:

Derived secrets from environment variables inside an agent
Derived secrets from AWS secrets manager

The pre-requisite is that secrets are encoded as JSON, so in practice, this:

Continue reading? Get the full guide.

External Secrets Operator (K8s): Architecture Patterns & Best Practices

Free. No spam. Unsubscribe anytime.

ENV_CONFIG='{"PG_PWD": "mypgsecret"}'

Is mapped to a session as YOURKEY=mypgsecret

In a nutshell

# create a connection
# PGPWD is the key that you want to expose
hoop admin create connection bash --agent test-agent \
    -e PGPWD=envjson:ENV_CONFIG:PG_PWD \
    --overwrite -- /bin/bash

# configure/create the plugin
hoop admin create plugin secretsmanager \
    --connection bash \
    --source hoop/secretsmanager \
    --overwrite

# run it
$ hoop exec bash -i 'env |grep -i PGPWD'
mypgsecret

Check it out our documentation for more details

External Secrets Plugin

See hoop.dev in action