Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SecureString for PushString to AWS Parameter Store #3422

Closed
meysam81 opened this issue Apr 29, 2024 · 4 comments · Fixed by #3576 · May be fixed by #3581
Closed

Add SecureString for PushString to AWS Parameter Store #3422

meysam81 opened this issue Apr 29, 2024 · 4 comments · Fixed by #3576 · May be fixed by #3581
Labels
good first issue Good for newcomers kind/feature Categorizes issue or PR as related to a new feature.

Comments

@meysam81
Copy link

Is your feature request related to a problem? Please describe.
I'm baffled as to why this is not a customizable flag in the PushSecret.spec to set the parameter type for AWS SSM Parameter Store.
This is the offending line:

external-secrets/pkg/provider/aws/parameterstore/parameterstore.go

Line 141 in e32bc39

parameterType := "String"

This should obviously be something the client should be able to customize, with the default of String if you really want it. But, nevertheless, it shouldn't be a hard-coded value.

Describe the solution you'd like
I'd like to be able to modify the value to SecureString please. On the same topic, you should also be able to set the Parameter Tier of either Standard or Advanced. reference

Describe alternatives you've considered
The alternative is to fork the repo and modify it to have the default hard-coded value of SecureString (cause I'm not a Go guy by any means 😬).

Additional context
nada
@meysam81 meysam81 added the kind/feature Categorizes issue or PR as related to a new feature. label Apr 29, 2024
@gusfcarvalho
Copy link
Member

To whoever pick up this issue - this change should be done on SecretStore CRDs, where a flag can be set and then consumed (instead of the current hard coded value).

@gusfcarvalho gusfcarvalho added the good first issue Good for newcomers label May 1, 2024
@crabique
Copy link

For SecureString it would also require specifying the encryption KMS key ID for cases where a non-default key should be used.

@vsantos
Copy link
Contributor

vsantos commented Jun 7, 2024

Can I work on this improvement?

@Skarlso
Copy link
Contributor

Skarlso commented Jun 8, 2024

Sure. Go ahead!

@vsantos vsantos mentioned this issue Jun 12, 2024
Merged
5 tasks
@crabique crabique mentioned this issue Jun 12, 2024
Open
@vsantos vsantos mentioned this issue Jun 14, 2024
Draft
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
good first issue Good for newcomers kind/feature Categorizes issue or PR as related to a new feature.
Projects
None yet
Milestone
No milestone
5 participants
@Skarlso @crabique @vsantos @gusfcarvalho @meysam81