Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Also add support for SSM secrets in AWS TriggerAuthentication #6311

Open
sneljo1 opened this issue Nov 6, 2024 · 3 comments
Open

Also add support for SSM secrets in AWS TriggerAuthentication #6311

sneljo1 opened this issue Nov 6, 2024 · 3 comments
Labels
feature-request All issues for new features that have not been committed to needs-discussion

Comments

@sneljo1
Copy link

sneljo1 commented Nov 6, 2024

Proposal

Besides accessing secrets from secretsmanager, similar to secrets-store-csi-driver-provider-aws, we should be able to fetch secure secrets from SSM. This will allow more flexibility for implementation

Use-Case

This will allow users already using SSM to not have to copy their secrets

Is this a feature you are interested in implementing yourself?

No

Anything else?

No response

@sneljo1 sneljo1 added feature-request All issues for new features that have not been committed to needs-discussion labels Nov 6, 2024
@JorTurFer
Copy link
Member

Hello
I'm not sure if I get your point totally. Does SSM mean AWS Systems Manager? Assuming that yes, I think that we can extend the current implementation of the AWS Secret Manager and support calling to the new service (with another parameter to declare it).
WDYT @kedacore/keda-contributors ?

@sneljo1
Copy link
Author

sneljo1 commented Nov 6, 2024

I'm not sure if I get your point totally. Does SSM mean AWS Systems Manager? Assuming that yes, I think that we can extend the current implementation of the AWS Secret Manager and support calling to the new service (with another parameter to declare it).
WDYT @kedacore/keda-contributors ?

Yes indeed, in Parameter Store you can also store secure secrets. The secrets-store implementation uses for example a objectType property for each secret to differentiate between using secretsmanager or ssmparameter. But i've seen other implementations that make the distinction by taking into account a ssm: prefix to decide to retrieve it from Parameter Store instead.

@zroubalik
Copy link
Member

Yeah, I like this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature-request All issues for new features that have not been committed to needs-discussion
Projects
Status: To Triage
Development

No branches or pull requests

3 participants