chamber
chamber copied to clipboard
segmentio
Add option to write the `value` from prompt if `value` is not provided
It would be nice to get a prompt if the value is omitted during a write operation
This would still work
$ chamber write service key value
<secret stored>
$
If value is omitted, then it could prompt
$ chamber write service key
A value was not provided, please provide it in the secure prompt below and press enter.
<user types in secret and it does not show up visually>
<user presses enter>
<secret stored>
$
It doesn't really address the request here, but passing a value of - to chamber write has chamber read the value from standard input. There is no prompt, and the value being typed is echoed back. If the secret value is piped in from a file, though, it wouldn't appear. Something like:
chamber write service key - < mysecret.txt
Facing the same issues above, I just decided to write custom bash functions to do prompts properly:
# write to parameter store
chamber_write_to_ssm() {
export CHAMBER_KMS_KEY_ALIAS=aws/ssm
local service_name=$1
local secret_key=$2
shift 2
echo -n "Enter secret value for $secret_key (input will be hidden): "
read -s secret_value
echo
chamber write "$service_name" "$secret_key" "$@" -- "$secret_value"
}
# write to secrets manager
chamber_write_to_smr() {
export CHAMBER_KMS_KEY_ALIAS=aws/secretsmanager
local service_name=$1
local secret_key=$2
shift 2
echo -n "Enter secret value for $secret_key (input will be hidden): "
read -s secret_value
echo
chamber write "$service_name" "$secret_key" -b secretsmanager "$@" -- "$secret_value"
}
