Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: support AWS key manager #72

Merged
merged 29 commits into from
Nov 6, 2023
Merged

feat: support AWS key manager #72

merged 29 commits into from
Nov 6, 2023

Conversation

xuan-cu
Copy link
Contributor

@xuan-cu xuan-cu commented Oct 19, 2023
edited
Loading

Description

Provides keys for service management op-node, op-batcher, and op-proposer using the AWS platform

Rationale

The current key management is written in the configuration file, which is easy to be stolen. In the service management key of the AWS platform, only pods with permissions can obtain the corresponding key.

Example

Add configuration of environment variables

op-node
 env:
   - name: OP_NODE_AWS_P2P_SECRET_NAME
     value: ""
   - name: OP_NODE_AWS_P2P_SECRET_REGION
     value: ""
op-proposer
 env:
    - name: OP_PROPOSER_AWS_SECRET_NAME
     value: ""
   - name: OP_PROPOSER_AWS_SECRET_REGION
     value: ""
op-batcher
 env:
    - name: OP_BATCHER_AWS_SECRET_NAME
     value: ""
    - name: OP_BATCHER_AWS_SECRET_REGION
     value: ""
aws config
 {"pk": "*****"}

Changes

Add op_aws_sdk module to load keys stored in aws platform
Op-node, op-batcher, op-proposer add methods to obtain keys

bendanzhentan
bendanzhentan reviewed Oct 19, 2023
View reviewed changes
op-aws-sdk/key_manager.go Outdated Show resolved Hide resolved
op-aws-sdk/key_manager.go Outdated Show resolved Hide resolved
welkin22
welkin22 requested changes Oct 23, 2023
View reviewed changes
op-batcher/cmd/main.go Outdated Show resolved Hide resolved
@owen-reorg owen-reorg changed the title Aws key manager feat: support AWS key manager Oct 24, 2023
bendanzhentan
bendanzhentan reviewed Oct 26, 2023
View reviewed changes
op-aws-sdk/key_manager.go Outdated Show resolved Hide resolved
op-aws-sdk/key_manager.go Outdated Show resolved Hide resolved
xuan-cu and others added 3 commits October 27, 2023 09:21
@owen-reorg owen-reorg merged commit afa3cac into bnb-chain:develop Nov 6, 2023
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@welkin22 welkin22 welkin22 requested changes

@owen-reorg owen-reorg owen-reorg approved these changes

@bendanzhentan bendanzhentan bendanzhentan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@xuan-cu @owen-reorg @welkin22 @bendanzhentan