The Laravel Secrets Vault package provides a seamless integration between Laravel applications and secret management services, starting with support for AWS Secrets Manager. This package allows developers to securely manage application secrets, such as database passwords or API keys, outside of their version control systems, improving the security posture of their applications.
- Laravel 8.x or higher
- PHP 7.4 or higher
You can install the package via composer:
composer require sunwolfengineering/laravel-secrets-vault
After installing, you should publish the package's configuration file to your application's config directory:
php artisan vendor:publish --provider="SunwolfEngineering\LaravelSecretsVault\LaravelSecretsVaultServiceProvider" --tag="config"
After publishing the config file, it will appear in your application's config directory as secrets-vault.php. You'll need to set the appropriate environment variables in your .env
file to configure the AWS SDK and enable the package:
LARAVEL_SECRETS_VAULT_ENABLED=true
AWS_DEFAULT_REGION=your-aws-region
AWS_ACCESS_KEY_ID=your-aws-access-key-id
AWS_SECRET_ACCESS_KEY=your-aws-secret-access-key
LARAVEL_SECRETS_VAULT_TAG_NAME=stage
LARAVEL_SECRETS_VAULT_TAG_VALUE=local
Additionally, you can define mappings from secret keys in AWS Secrets Manager to your Laravel application's config keys within the mappings array in the secrets-vault.php config file.
With the package installed and configured, it automatically fetches and injects the secrets into your Laravel application's configuration based on the mappings defined in the secrets-vault.php config file. This process occurs during the application's bootstrapping phase, ensuring that your secrets are available before your application services are loaded.
composer test
Please see CHANGELOG for more information what has changed recently.
Please see CONTRIBUTING for details.
Joe Purdy 💻 🚧 |
If you discover any security related issues, please email oss@sunwolf.studio instead of using the issue tracker.
The GNU GPLv3. Please see License File for more information.
Sunwolf Studio, a Fractional SRE development studio based in Portland, offers expert services to startups navigating the dynamic landscape of product development. Specializing in Site Reliability Engineering, cybersecurity, cloud application development, and developer experience optimization, Sunwolf Studio bridges the gap between technological needs and business goals. With a deep commitment to elevating development practices and ensuring product reliability, they're ready to tackle challenges from the ground up and foster long-term growth. For more on their hands-on approach and to explore potential collaborations, visit Sunwolf Studio.