Make endpoint config optional in AWS secrets-manager keystore config #496

Open
wants to merge 1 commit into
base: master

derSascha
Contributor

The AWS SDK contains a set of pre-configured endpoints. Make the endpoint config optional, and let the SDK decide what endpoint should be used. This fixes #495. See #495 for more details.

Maybe we should make the region optional too. Both can be autoconfigured by the SDK.

@derSascha
Contributor Author

Tested with IRSA on EKS with a config like this:

  keystore:
    aws:
      secretsmanager:
        region: us-east-1
        kmskey: arn:aws:kms:us-east-1:...
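
An added sketch in Go (not code from this pull request or from the project) of a config validator in which the endpoint is optional, as the description proposes, while the region stays required. The type, field and function names are hypothetical, and the https-only check on an explicit endpoint is this sketch's own assumption.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// SecretsManagerConfig is a hypothetical stand-in for the keystore section
// shown above; it is not the project's actual type.
type SecretsManagerConfig struct {
	Endpoint string // optional: empty means "let the AWS SDK resolve it"
	Region   string // still required in this sketch
	KMSKey   string // optional
}

// Validate returns the endpoint override to hand to the SDK ("" for none).
func (c SecretsManagerConfig) Validate() (string, error) {
	if strings.TrimSpace(c.Region) == "" {
		return "", errors.New("secretsmanager: no region specified")
	}
	ep := strings.TrimSpace(c.Endpoint)
	if ep == "" {
		return "", nil // no override: the SDK picks the endpoint itself
	}
	if !strings.Contains(ep, "://") {
		ep = "https://" + ep // bare host name: assume TLS (sketch's choice)
	}
	u, err := url.Parse(ep)
	if err != nil {
		return "", fmt.Errorf("secretsmanager: invalid endpoint: %v", err)
	}
	// An explicit override decides where secret material is sent, so this
	// sketch rejects plaintext schemes and embedded credentials.
	if u.Scheme != "https" || u.Hostname() == "" || u.User != nil {
		return "", fmt.Errorf("secretsmanager: endpoint %q must be an https URL without credentials", c.Endpoint)
	}
	return u.String(), nil
}

func main() {
	cfg := SecretsManagerConfig{Region: "us-east-1"} // constructed sample
	ep, err := cfg.Validate()
	fmt.Printf("override=%q err=%v\n", ep, err)
}
```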

@derSascha derSascha force-pushed the aws-secrets-manager-make-endpoint-optional branch 2 times, most recently from 3be2fd3 to b44a799 Compare January 31, 2025 09:39
@derSascha
Contributor Author

@aead @shtripat any chance to look into this? Changes in this pull-request are comparatively small.

The AWS SDK contains a set of pre-configured endpoints. Make the endpoint config optional,
and let the SDK decide what endpoint should be used.
@derSascha derSascha force-pushed the aws-secrets-manager-make-endpoint-optional branch from b44a799 to aa65aed Compare April 23, 2025 10:37
@derSascha
Contributor Author

Rebased on the current master. @aead @shtripat any chance to merge this? It's only a minimalistic change in the config parser/validator.

@shtripat shtripat requested a review from aead April 23, 2025 12:03

Successfully merging this pull request may close these issues.

Required AWS endpoint configuration does not work with STS/IRSA