gh-jeremylongshore-claude-c…/skills/secrets-manager-integrator/assets/example_secrets.yaml

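# Example secrets configuration file for the secrets-manager-integrator plugin.
# This file demonstrates how to configure connections to different secrets managers.
# Every quoted value below is a placeholder. A filled-in copy of this file holds live
# credentials: keep it out of version control and readable only by the account that
# runs the plugin.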
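# Global configuration settings
global:
  # Default secrets manager to use if not specified in a specific operation.
  # Valid options: vault, aws_secrets_manager, azure_key_vault, google_secret_manager, file
  # The file backend is described below as testing/development only, so it should not
  # be the default anywhere real secrets are handled.
  default_manager: vault
  # Enable debug logging (true/false)
  # NOTE(review): confirm that debug output never includes secret values or auth
  # tokens before turning this on outside a development machine.
  debug: false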
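# Configuration for connecting to HashiCorp Vault
vault:
  # Enable or disable Vault integration (true/false)
  enabled: true
  # Vault server address (e.g., https://vault.example.com:8200)
  # Keep the https:// scheme: the credentials configured below are sent to this address.
  address: "https://REPLACE_ME_VAULT_ADDRESS:8200"
  # Authentication method to use. Valid options: token, app_role, kubernetes
  # Fill in only the sub-section that matches this value and leave the other
  # placeholders untouched, so no unused credential sits in the file.
  auth_method: token
  # Token-based authentication configuration
  token:
    # Vault token to use for authentication
    # This is a plaintext bearer credential. Use a short-lived token bound to a
    # narrowly scoped policy (never a root token), and rotate it if this file is
    # ever exposed.
    token: "YOUR_VAULT_TOKEN_HERE"
  # AppRole-based authentication configuration (if auth_method is app_role)
  app_role:
    role_id: "YOUR_VAULT_ROLE_ID_HERE"
    # secret_id is the secret half of the AppRole pair; treat it like a password.
    secret_id: "YOUR_VAULT_SECRET_ID_HERE"
  # Kubernetes-based authentication configuration (if auth_method is kubernetes)
  kubernetes:
    role: "YOUR_VAULT_K8S_ROLE_HERE"
    # Standard in-pod location of the service account token; only the path is
    # stored here, not the token itself.
    service_account_path: "/var/run/secrets/kubernetes.io/serviceaccount/token"
  # Path prefix for secrets (e.g., secret/)
  # The Vault policy attached to the credential above should grant access to this
  # prefix only.
  secret_path_prefix: "secret/"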
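# Configuration for connecting to AWS Secrets Manager
aws_secrets_manager:
  # Enable or disable AWS Secrets Manager integration (true/false)
  enabled: false
  # AWS region (e.g., us-east-1)
  region: "YOUR_AWS_REGION_HERE"
  # AWS Access Key ID (optional, if not using IAM role)
  # Static access keys are long-lived credentials; prefer an IAM role (instance
  # profile, task role or similar) wherever the plugin runs on AWS.
  # NOTE(review): confirm how the plugin treats these two keys when they still hold
  # the placeholder text; when relying on an IAM role they should not carry a value.
  aws_access_key_id: "REPLACE_ME_AWS_ACCESS_KEY_ID"
  # AWS Secret Access Key (optional, if not using IAM role)
  aws_secret_access_key: "REPLACE_ME_AWS_SECRET_ACCESS_KEY"
  # ARN of the IAM role to assume (optional, for enhanced security)
  # Assuming a role yields temporary credentials; scope the role's policy to the
  # secrets under secret_prefix rather than to all secrets in the account.
  role_arn: "YOUR_AWS_ROLE_ARN_HERE"
  # Prefix for secrets (e.g., /my-app/)
  secret_prefix: "/my-app/"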
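# Configuration for Azure Key Vault
azure_key_vault:
  # Enable or disable Azure Key Vault integration (true/false)
  enabled: false
  # Azure Key Vault URL (e.g., https://my-key-vault.vault.azure.net/)
  vault_url: "https://YOUR_KEY_VAULT_NAME.vault.azure.net/"
  # Azure Tenant ID
  tenant_id: "YOUR_AZURE_TENANT_ID_HERE"
  # Azure Client ID (Application ID)
  client_id: "YOUR_AZURE_CLIENT_ID_HERE"
  # Azure Client Secret (Application Secret)
  # This is a plaintext application credential: grant the application access to this
  # one vault only, give the secret an expiry, and rotate it if the file is exposed.
  # NOTE(review): if the plugin supports managed identity or certificate
  # authentication, prefer that over a stored client secret - confirm.
  client_secret: "YOUR_AZURE_CLIENT_SECRET_HERE"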
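# Configuration for Google Cloud Secret Manager
google_secret_manager:
  # Enable or disable Google Cloud Secret Manager integration (true/false)
  enabled: false
  # Google Cloud Project ID
  project_id: "YOUR_GOOGLE_PROJECT_ID_HERE"
  # Path to the Google Cloud service account key file (JSON)
  # A service account key file is a long-lived credential: store it outside the
  # repository, restrict its file permissions, and grant the service account access
  # to Secret Manager only.
  credentials_path: "/path/to/your/google/credentials.json"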
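# Configuration for File-based secrets (for testing/development only!)
file:
  # Enable or disable File integration (true/false)
  # Leave this false outside local testing: with this backend the secrets live in a
  # plain file on disk, without a secrets manager's access control or audit trail.
  enabled: false
  # Path to the secrets file (YAML or JSON)
  # Use throwaway test values in this file, and keep it out of version control.
  path: "/path/to/your/secrets.yaml"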