Allow data encryption key read from env var for AWS Keystore

Question

Allow data encryption key read from env var for AWS Keystore

ram-nadella opened this issue 3 years ago · comments

Ram Nadella commented 3 years ago

Environment

Ruby Version: 2.6
Symmetric Encryption Version: 4.3.2
Application/framework names and versions: Rails 6.x
Keystore: AWS

Expected Behavior

(not a bug, new feature)

Be able to read the data encryption key from an env var when using the AWS Keystore instead of file to avoid putting keys on the filesystem.

Actual Behavior

Feature does not exist

Pull Request

#148 (Work in progress)

Reid Morrison · Answer 1 · Mon May 03 2021 22:53:33 GMT+0800 (China Standard Time)

We have switched away from the complex configuration file and now use Secret Config to hold the encryption keys. It also holds all of our passwords and other configuration settings.
We found it much simpler to manage, and is also secured by a KMS key.
https://config.rocketjob.io/