Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove @aws-sdk/client-secrets-manager dependency from backend #678

Open
dangtony98 opened this issue Jun 22, 2023 · 9 comments
Open

Remove @aws-sdk/client-secrets-manager dependency from backend #678

dangtony98 opened this issue Jun 22, 2023 · 9 comments
Labels
💻 code improvements good first issue Good for newcomers help wanted Open for contributions from the community

Comments

@dangtony98
Copy link
Collaborator

Feature description

As part of the initiative to reduce dependencies on the backend, it'd be great to remove the @aws-sdk/client-secrets-manager dependency that's currently used as an SDK in the AWS secret manager (AWS SM) integration to sync secrets from Infisical to AWS SM.

This task involves replacing this dependency with the HTTPS Query API as mentioned here.

The HTTPS Query API gives you programmatic access to Secrets Manager and AWS. The HTTPS Query API allows you to issue HTTPS requests directly to the service and thus we can use it to create/read/update/delete secrets in AWS SM.

Why would it be useful?

This would further enhance the security of Infisical by reducing dependencies.

Additional context

This shouldn't be too difficult and I'd recommend it as a great first issue especially since the AWS SM integration is already made; we just need to refactor logic to use the HTTP Query API instead of the AWS SM SDK.
@dangtony98 dangtony98 added good first issue Good for newcomers help wanted Open for contributions from the community 💻 code improvements labels Jun 22, 2023
@abdullahranginwala
Copy link

I would love to work on this issue. Based on my initial look at the code, I have identified the following services/functions to be replaced with HTTPS Query API:
CreateSecretCommand, GetSecretValueCommand, ResourceNotFoundException, SecretsManagerClient, UpdateSecretCommand .

However, I couldn't find a detailed documentation for making the create/read/update/delete calls.

This seems like a straightforward implementation but some more context about the APIs will be extremely helpful.

@dangtony98
Copy link
Collaborator Author

That would be great @abdullahranginwala - Just assigned it to you!

Definitely join the Slack; best to communicate there

@abdullahranginwala
Copy link

I am unable to join slack since it requires a work email ending with @infisical.com

@JunedKhan101
Copy link
Contributor

@abdullahranginwala I don't think so that is the case, I have joined the slack community with my gmail account.

@dangtony98
Copy link
Collaborator Author

Hi @abdullahranginwala,

Can you try joining via this link: https://infisical.com/slack

Let me know if it works!

@abdullahranginwala
Copy link

Yup, worked! I was trying to access the other link

@abdullahranginwala
Copy link

Apologies for such a late reply. Is this issue still active? @dangtony98

@abdullahranginwala
Copy link

Upon further investigation, it seems the issue is more complex due to AWS Signature 4 authentication requirements. For now, I am setting this aside.

@dangtony98
Copy link
Collaborator Author

@abdullahranginwala Sounds good!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
💻 code improvements good first issue Good for newcomers help wanted Open for contributions from the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@abdullahranginwala @dangtony98 @JunedKhan101