DEV Community

Discussion on: Protecting and syncing secret keys

pavelloz profile image
Paweł Kowalski • Edited on

There is also AWS KMS (i think its recommended by AWS nowadays)

On github there is also "secrets" under repo /settings/secrets - if you use github actions. GHA then can set environment variables based on secrets value.

And of course universal method (assuming you use git) - git crypt - if you insist on keeping those in files in repo.

andrewbrown profile image
Andrew Brown 🇨🇦

When I was mentioning envelope encryption on Secrets Manager or SSM Parameter Store that is using KMS. So you checkbox encrypt and choose a key from KMS.