What secret management tools does this skill support?

The skill supports a wide range of tools including HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, Google Secret Manager, and native secrets for GitHub and GitLab.

Does it provide help with secret rotation?

Yes, it includes Python/Lambda examples for automated rotation in AWS and step-by-step manual rotation processes for other environments.

How does this skill help prevent credential leaks?

It provides configuration templates for secret scanning tools like TruffleHog and GitGuardian, as well as pre-commit hooks that scan code before it is pushed to a repository.

Can I use this for Kubernetes environments?

Yes, it includes patterns for the External Secrets Operator to securely sync secrets from external providers like Vault into Kubernetes native Secret objects.

Secrets Management for CI/CD

Name: Secrets Management for CI/CD
Author: HermeticOrmus

byHermeticOrmus

배포 및 DevOps

Implements robust secrets management and security best practices for CI/CD pipelines and cloud infrastructure.

소개

This skill provides comprehensive patterns and implementation guides for securing sensitive credentials within CI/CD workflows. It covers industry-standard tools like HashiCorp Vault, AWS Secrets Manager, and native platform secrets (GitHub/GitLab), enabling developers to automate secret rotation, implement least-privilege access, and prevent accidental exposure through secret scanning. Use this skill when architecting deployment pipelines that require secure handling of API keys, database credentials, and TLS certificates without hardcoding them into source code.

주요 기능

Infrastructure as Code (Terraform) examples for secure secret retrieval
0 GitHub stars
Integration patterns for HashiCorp Vault, AWS, Azure, and Google Secret Manager
Automated secret rotation scripts and Lambda handler templates
Pre-commit hooks and CI/CD jobs for secret scanning using TruffleHog
Security best practices for masking, encrypting, and auditing sensitive data

사용 사례

Implementing pre-commit hooks to prevent developers from accidentally committing plaintext credentials
Setting up secure HashiCorp Vault integration with GitHub Actions or GitLab CI
Automating the rotation of RDS database passwords using AWS Secrets Manager

소개

주요 기능

Infrastructure as Code (Terraform) examples for secure secret retrieval
0 GitHub stars
Integration patterns for HashiCorp Vault, AWS, Azure, and Google Secret Manager
Automated secret rotation scripts and Lambda handler templates
Pre-commit hooks and CI/CD jobs for secret scanning using TruffleHog
Security best practices for masking, encrypting, and auditing sensitive data

사용 사례

Implementing pre-commit hooks to prevent developers from accidentally committing plaintext credentials
Setting up secure HashiCorp Vault integration with GitHub Actions or GitLab CI
Automating the rotation of RDS database passwords using AWS Secrets Manager