hiera-eyaml-kms 0.1 → 0.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7e602a14226ec30ad5947431c5fa08a7a4e9d06a
4
- data.tar.gz: f61d036c16aa49f5a552c46a5902744729f879b2
3
+ metadata.gz: 51a7d9c24c0cf9d779bd64fb3dc15807c5b4a326
4
+ data.tar.gz: 8b7ad632e699114d57515ee159108bbbe233ec32
5
5
  SHA512:
6
- metadata.gz: 5f549ed5e034e0e06364d2b4c8c3726e57de862ba42340db1e192399532af4bedca17b8cddbaaed21f7bb46d496068ee73a8f4c88b435f4733d1efb3ef224ce0
7
- data.tar.gz: 298684abfb1078b1b0fb851b31facbb37c51b754ca11816475875f15d73a160d3a90fbce8c4193fa3db231dff2097fee915dfa6aee54f9944ea824ef0ab6b5c2
6
+ metadata.gz: d1490a53865886c0348221746f21e9f84f3258a039fa662b3cc8ee279e0bccb9db501060b1a359134ca0bf6039b95ec534e9838b04edab3df35b645a5b87a0fc
7
+ data.tar.gz: 4370f60d769a3f99edc5c1467a66315fe265ce5e603c601dfd2859ad7210f1a10a3bf6a6a6de61dbefb1ba21484a988537ed06cee64de7aa57d24f5c42e28328
data/Gemfile CHANGED
@@ -1,6 +1,6 @@
1
1
  source 'https://rubygems.org/'
2
2
 
3
- gem 'aws-sdk', '~> 2'
3
+ gemspec
4
4
 
5
5
  group :development do
6
6
  gem "aruba"
data/README.md CHANGED
@@ -41,8 +41,9 @@ Configuration
41
41
  This plugin adds 2 options to hiera-eyaml:
42
42
 
43
43
  ```
44
- --kms-key-id=<s> KMS Key ID (default: )
45
- --kms-aws-region=<s> AWS Region (default: ap-southeast-2)
44
+ --kms-key-id=<s> KMS Key ID (default: )
45
+ --kms-aws-region=<s> AWS Region (default: ap-southeast-2)
46
+ --kms-aws-profile=<s> AWS Profile (default: default)
46
47
  ```
47
48
 
48
49
  To avoid passing CLI parameters every call to eyaml, you can create a config file to set the defaults.
@@ -55,9 +56,11 @@ Example:
55
56
  ---
56
57
  kms_key_id: '00000000-0000-0000-0000-000000000000'
57
58
  kms_aws_region: 'us-west-1'
59
+ kms_aws_profile: 'your-profile'
58
60
  ```
59
61
 
60
62
  Authors
61
63
  =======
62
64
 
63
65
  - [Allan Denot](http://github.com/adenot)
66
+
@@ -1,11 +1,8 @@
1
1
  # -*- encoding: utf-8 -*-
2
- lib = File.expand_path('../lib', __FILE__)
3
- $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
- require 'hiera/backend/eyaml/encryptors/kms'
5
2
 
6
3
  Gem::Specification.new do |gem|
7
4
  gem.name = "hiera-eyaml-kms"
8
- gem.version = Hiera::Backend::Eyaml::Encryptors::Kms::VERSION
5
+ gem.version = "0.2"
9
6
  gem.description = "AWS KMS encryptor for use with hiera-eyaml"
10
7
  gem.summary = "Encryption plugin for hiera-eyaml backend for Hiera"
11
8
  gem.author = "Allan Denot"
@@ -16,4 +13,6 @@ Gem::Specification.new do |gem|
16
13
  gem.executables = gem.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
17
14
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
18
15
  gem.require_paths = ["lib"]
16
+
17
+ gem.add_runtime_dependency 'aws-sdk-kms'
19
18
  end
@@ -2,7 +2,7 @@ require 'openssl'
2
2
  require 'hiera/backend/eyaml/encryptor'
3
3
  require 'hiera/backend/eyaml/utils'
4
4
  require 'hiera/backend/eyaml/options'
5
- require 'aws-sdk'
5
+ require 'aws-sdk-kms'
6
6
 
7
7
  class Hiera
8
8
  module Backend
@@ -17,19 +17,24 @@ class Hiera
17
17
  :default => "" },
18
18
  :aws_region => { :desc => "AWS Region",
19
19
  :type => :string,
20
- :default => "ap-southeast-2" }
20
+ :default => "ap-southeast-2" },
21
+ :aws_profile => { :desc => "AWS Account",
22
+ :type => :string,
23
+ :default => "default"}
21
24
  }
22
25
 
23
- VERSION = "0.1"
26
+ VERSION = "0.2"
24
27
  self.tag = "KMS"
25
28
 
26
29
  def self.encrypt plaintext
30
+ aws_profile = self.option :aws_profile
27
31
  aws_region = self.option :aws_region
28
32
  key_id = self.option :key_id
29
33
  raise StandardError, "key_id is not defined" unless key_id
30
34
 
31
35
  @kms = ::Aws::KMS::Client.new(
32
- region: aws_region
36
+ profile: aws_profile,
37
+ region: aws_region,
33
38
  )
34
39
 
35
40
  resp = @kms.encrypt({
@@ -41,10 +46,12 @@ class Hiera
41
46
  end
42
47
 
43
48
  def self.decrypt ciphertext
49
+ aws_profile = self.option :aws_profile
44
50
  aws_region = self.option :aws_region
45
51
 
46
52
  @kms = ::Aws::KMS::Client.new(
47
- region: aws_region
53
+ profile: aws_profile,
54
+ region: aws_region,
48
55
  )
49
56
 
50
57
  resp = @kms.decrypt({
metadata CHANGED
@@ -1,15 +1,29 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hiera-eyaml-kms
3
3
  version: !ruby/object:Gem::Version
4
- version: '0.1'
4
+ version: '0.2'
5
5
  platform: ruby
6
6
  authors:
7
7
  - Allan Denot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-08-26 00:00:00.000000000 Z
12
- dependencies: []
11
+ date: 2018-05-16 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: aws-sdk-kms
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - '>='
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - '>='
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
13
27
  description: AWS KMS encryptor for use with hiera-eyaml
14
28
  email:
15
29
  executables: []
@@ -46,7 +60,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
46
60
  version: '0'
47
61
  requirements: []
48
62
  rubyforge_project:
49
- rubygems_version: 2.0.14
63
+ rubygems_version: 2.0.14.1
50
64
  signing_key:
51
65
  specification_version: 4
52
66
  summary: Encryption plugin for hiera-eyaml backend for Hiera