How does this help prevent accidental secret leaks?

It includes instructions for setting up secret scanning with TruffleHog and pre-commit hooks to catch credentials before they are committed to your repository.

Does this skill support multi-cloud environments?

Yes, it includes implementation patterns for AWS Secrets Manager, Azure Key Vault, and Google Secret Manager.

Does it provide code for secret rotation?

Yes, the skill includes patterns for automated rotation using AWS Lambda as well as standard manual rotation processes.

Can I use this with GitHub Actions?

Absolutely, it provides specific YAML templates for importing secrets from Vault or using native GitHub Secrets securely.

Secrets Management

Name: Secrets Management
Author: amurata

byamurata

•

배포 및 DevOps

Implements secure secrets management protocols and automated rotation for CI/CD pipelines.

소개

This skill provides comprehensive guidance and implementation patterns for securing sensitive credentials within CI/CD workflows. It covers industry-standard tools like HashiCorp Vault and AWS Secrets Manager, offering actionable templates for GitHub Actions, GitLab CI, and Kubernetes. By integrating secret rotation, scanning with tools like TruffleHog, and least-privilege access principles, it ensures that your application credentials remain protected and are never exposed in source control.

주요 기능

Multi-platform integration for Vault, AWS, Azure, and GCP
CI/CD pipeline templates for GitHub Actions and GitLab CI
3 GitHub stars
Automated secret rotation patterns and Lambda implementations
Secret scanning configuration and pre-commit hook setup
Kubernetes integration via External Secrets Operator

사용 사례

Automating the rotation of third-party API keys and TLS certificates
Preventing secret leakage in repositories using automated scanning tools
Securing database credentials in production deployment pipelines

소개

주요 기능

Multi-platform integration for Vault, AWS, Azure, and GCP
CI/CD pipeline templates for GitHub Actions and GitLab CI
3 GitHub stars
Automated secret rotation patterns and Lambda implementations
Secret scanning configuration and pre-commit hook setup
Kubernetes integration via External Secrets Operator

사용 사례

Automating the rotation of third-party API keys and TLS certificates
Preventing secret leakage in repositories using automated scanning tools
Securing database credentials in production deployment pipelines