Symfony 8 AWS Secrets Bundle

#php #symfony #aws #webdev

My previous bundle that supported Symfony 5 and 6 was downloaded over 210.000 times, so it looks like it was useful. :D I've decided to publish an updated one that follows new Symfony bundle architecture as a separate library. More in the second part of this article.

Anyway...

GitHub: https://github.com/constup-foss/symfony8-aws-secrets-bundle

What it does

This bundle allows you to use secrets stored in AWS Secrets Manager as parameter values in your Symfony 8 service container. If you are using AWS Secrets Manager to store encrypted secrets with access control that limits who (or what application) can see and use them through IAM roles, this bundle is for you.

It supports several methods of authentication:

by loading a profile from your ~/.aws directory
by using long-term credentials (AccessKeyId and SecretAccessKey) from your AWS IAM user
by using temporary AWS STS tokens

Using it is very simple and does not require any additional programming from your part. Just set a value of a desired environment variable to the name of your AWS secret, use the provided env var processor to process that environment variable in your service container and you are ready to use the value. That's it.

The bundle supports using an endpoint to connect to AWS. Useful if your AWS connection is behind your corporate infrastructure or if you want to perform integration tests on something like LocalStack. It also supports fetching individual JSON keys from your AWS secret. Just name the key after the name of the secret when assigning a value to your environment variable.

Complete documentation is available in the repository including:

A practical step-by-step example how to use the bundle to load database connection credentials in DoctrineORM;
How to use the bundle in different environments (bare metal, docker, AWS CodeBuild pipeline)

A little bit of history and why feedback matters

My original AWS Secrets Bundle (https://github.com/constup-foss/aws-secrets-bundle) was published in August 2021 for Symfony 5. It was just something that I needed for my job at the time and decided to publish it. Apart from just a couple of pull requests, mainly to support Symfony 6 and later 7, there wasn't much feedback. Barely any GitHub stars (11 in total, mostly from my friends), barely any issues. I honestly thought that no one uses it, and since I've mostly moved my work to Node and TypeScript, I just forgot about it.

Fast forward 4 and a half years. I've logged in to Packagist to add a new composer library. No one really logs in to Packagist unless they need to publish something. When you do, the statistics are on a page that you don't need to visit. But, I was in a "cleanup mode"... cleaning up old and obsolete repositories, separating my GitHub account to my personal one and one for FOSS,... so I needed to see if I need to deprecate or delete some libraries.

And the number of was simply there: 212.549 downloads.

I have abandoned the project a long time ago simply because there was no indication that anyone was using it.

So, if you are using a library, consider sending a star. It's not about vanity, it's not even about showing gratitude. It's about letting library maintainers know that their work is used so that they don't abandon it thinking that no one does... just like I did.