chamber

Store secrets using AWS KMS and SSM Parameter Store
chamber logo

Chamber: A Tool for Managing Secrets

Chamber is a tool that stores secrets in a secure manner. By default, it uses AWS Parameter Store as the backend for storing secrets.


Configuring Chamber

To configure Chamber to use an alternative endpoint, set the CHAMBER_aws_secrets_manager_endpoint environment variable.


S3 Backend (Experimental)

Chamber provides an experimental S3 backend for storing secrets in S3. To use this feature, run chamber -b s3 --backend-s3-bucket=mybucket. This bucket should reject uploads that do not set the server-side encryption header.


S3 Backend using KMS Key Encryption (Experimental)

This feature is similar to the S3 backend but uses KMS Key Encryption to encrypt secrets at rest. To use this feature, run chamber -b s3-kms --backend-s3-bucket=mybucket --kms-key-alias=alias/keyname.


Null Backend (Experimental)

Chamber also provides a null backend that does not store any secrets. This feature is experimental and should only be used for testing purposes.


Analytics

Chamber includes analytics code that is turned off by default. This code tracks usage of internal tools and can only be enabled via a linker flag at build time.


Releasing Chamber

To release a new version of Chamber, simply push a tag named v<semver> where <semver> is a valid semver version. This tag will be used by Github Actions to automatically publish the release.





> Visit chamber Website <
Best Search
Popular Tags