Handling Secrets with SOPS

Installation using homebrew brew install sops manual download download from GitHub https://github.com/getsops/sops/releases Using SOPS Create a sops.yaml sops.yaml creation_rules: # encrypt stuff in .secrets - aws_profile: default kms: arn:aws:kms:eu-central-1:1234567890:key/abcdefg-0123456-abcdefg (1) path_regex: ^./secrets/.*$ (2) 1 We are using AWS KMS for encryption/decryption 2 All files in the directory .secrets will be encrypted Inplace Encrypt sops -e -i .secrets/mysecret.yaml Inplace Decrypt sops -d -i .secrets/mysecret.yaml Complete Example using PGP Install GPG and create a new Key Install the GPG binaries .Linux / apt sudo apt install gnupg ...

April 19, 2024 · 2 min · 308 words · Micha Kops