如何指定敏感的环境变量在部署时与弹性魔豆 [英] How to specify sensitive environment variables at deploy time with Elastic Beanstalk

问题描述

我部署一个Python瓶应用程序弹性青苗。我有一个配置文件 / ebextensions / 01.config 其中，除其他事项外我设置一些环境变量 - 其中一些应该是秘密。

I am deploying a Python Flask application with Elastic Beanstalk. I have a config file /.ebextensions/01.config where among other things I set some environment variables - some of which should be secret.

该文件看起来是这样的：

The file looks something like this:

packages:
  yum:
    gcc: []
    git: []
    postgresql93-devel: []

option_settings:
  "aws:elasticbeanstalk:application:environment":
    SECRET_KEY: "sensitive"
    MAIL_USERNAME: "sensitive"
    MAIL_PASSWORD: "sensitive"
    SQLALCHEMY_DATABASE_URI: "sensitive"
  "aws:elasticbeanstalk:container:python:staticfiles":
    "/static/": "app/static/"

什么是保持一定的价值秘密的最佳实践？目前， .ebextensions 文件夹是源代码控制之下，我喜欢这个，因为它是与大家共享，但在同一时间，我不希望保留源代码管理下的敏感值。

What are the best practices for keeping certain values secret? Currently the .ebextensions folder is under source control and I like this because it is shared with everyone, but at the same time I do not want to keep sensitive values under source control.

有没有办法通过EB CLI工具进行部署时指定一些环境变量（如 EB部署-config ... ）？或者，这是怎么使用的情况下，持AWS部署工具？

Is there a way to specify some environment variables through the EB CLI tool when deploying (e.g. eb deploy -config ...)? Or how is this use case covered by the AWS deployment tools?

推荐答案

您应该能够指定的敏感值从EB Web控制台环境变量：您的EB应用程序 - >您的EB环境 - >配置 - >软件配置 - >环境属性

You should be able to specify sensitive values as environment variables from eb web console: Your EB app -> Your EB environment -> Configuration -> Software Configuration -> Environment Properties

另外，你可以利用这个： HTTP：/ /docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb3-setenv.html

Alternatively, you can make use of this: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/eb3-setenv.html

这篇关于如何指定敏感的环境变量在部署时与弹性魔豆的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！