Keydra Documentation
GitHubToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage
  1. Keydra - Secrets Management for Humans!
  2. /
  3. About Config Providers

About Config Providers

Config providers are a special type of Keydra provider, that can be the source of secrets and environments for Keydra to manage.

They must have an accountusername attribute, and a load_config method, which they use to bootstrap Keydra.

This special method is passed initial config values, which are built by Keydra from environment variables as can be seen in docs/sample_template.yaml.

    {
        "accountusername": "an_account",
        "secrets": {
            "repository": "keydraconfiguration",
            "filetype": "yaml",
            "path": "config/secrets.yaml"
        },
        "environments": {
            "filetype": "yaml",
            "repository": "keydraconfiguration",
            "path": "config/environments.yaml"
        }
    }

When distributing secrets to a code repo, the config accountusername will be used by default, unless over-ridden within the config section of the distribution spec. For example, this distribution would use the gyrospectre organisation in Github:

    distribute:
        -
            config:
                repository: my_code
                scope: repository
            envs:
                - dev
            key: AWS_ACCESS_KEY_ID
            provider: github
            source: key

Whereas this spec overrides the default to use the woot org.

    distribute:
        - 
            config:
                repository: my_code
                scope: repository
                account_username: woot
            envs:
                - dev
            key: AWS_ACCESS_KEY_ID
            provider: github
            source: key
gdoc_arrow_left_alt Providers IAM User to ingest AWS Logs into Splunk gdoc_arrow_right_alt