Which secret management tools are supported?

This skill supports HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, Google Secret Manager, and native platform secrets for GitHub and GitLab.

How does this skill help prevent credential leaks?

It provides implementation guides for secret scanning tools like TruffleHog and pre-commit hooks that detect and block sensitive data before it is committed to your repository.

Can I use this for Kubernetes environments?

Yes, it includes specialized patterns for the External Secrets Operator to securely sync secrets from external providers into Kubernetes clusters.

Does it support automated rotation?

Absolutely. It includes logic and templates for automated rotation using AWS Lambda and best practices for manual rotation processes.

Secrets Management

Name: Secrets Management
Author: Microck

byMicrock

•

108

セキュリティとテスト

Implement and manage secure credentials and secret rotation across CI/CD pipelines and cloud environments.

概要

This skill provides comprehensive guidance and implementation patterns for securing sensitive information within software development lifecycles. It covers industry-standard tools like HashiCorp Vault, AWS Secrets Manager, and native CI/CD solutions, offering ready-to-use templates for GitHub Actions, GitLab CI, and Kubernetes. By emphasizing least-privilege access, automated rotation, and secret scanning, this skill helps developers ensure that API keys, database credentials, and certificates are never hardcoded or exposed, significantly reducing the risk of security breaches.

主な機能

Multi-provider support including Vault, AWS, Azure, and Google Cloud
Automated secret rotation patterns and Lambda implementations
Proactive secret scanning and pre-commit hook configurations
Kubernetes integration using External Secrets Operator
CI/CD pipeline templates for GitHub Actions and GitLab CI
108 GitHub stars

ユースケース

Implementing centralized secrets management with HashiCorp Vault
Setting up automated database password rotation in AWS
Securing credentials in automated deployment pipelines

概要

主な機能

Multi-provider support including Vault, AWS, Azure, and Google Cloud
Automated secret rotation patterns and Lambda implementations
Proactive secret scanning and pre-commit hook configurations
Kubernetes integration using External Secrets Operator
CI/CD pipeline templates for GitHub Actions and GitLab CI
108 GitHub stars

ユースケース

Implementing centralized secrets management with HashiCorp Vault
Setting up automated database password rotation in AWS
Securing credentials in automated deployment pipelines