How to hide the access keys of aws amazon productively in VagrantFile file
-
26-12-2019 - |
Pregunta
I have Vagrant + Puppet project in a public Git I recently had problems sending access_key_id public keys and secret_access_key along with VagrantFile file. Crackers used AWS in my name.
Since then I remove the keys before updating the online git, and every time I need to add the keys in the file again if I want to manipulate the machines in aws.
Is there a way Vagrant Recognizing these variables using an environment variable? in a way that I can declare it outside the file and that every time you make "Vagrant UP" my machine automatically load the values without the need to add in hand?
I use Ubuntu "12:04" in all machines. Thanks.
Solución
Yep, I think you can use environment variables for this:
- access_key_id ->
AWS_ACCESS_KEY
- secret_access_key ->
AWS_SECRET_KEY
You can see this in the source code of vagrant-aws
.
Otros consejos
You can create a custom .box
for your purpose and then ignore it from source control.
The .box
is simply a tar archive that contains a file called metadata.json
and, optionally, a Vagrantfile
that gets merged with the one in your project directory.
You can find an useful example here.