How do you share secret configs with your team members?

Question

I always struggle to share secret configs with someone else working on the same project. I wonder if there is a secure way that HN community uses that I don't know about. Thanks!

bradknowles · Accepted Answer

For things that are deployed on AWS, I would recommend AWS Secrets Manager or SSM Parameter Store. Two different options for similar use cases.Of course, you have to build your tooling so as to pull these parameters out and put them where they are needed at the time of deployment, but at least you&rsquo;re handing off the storage and distribution of these secrets to another entity that has a lot more experience in doing so.

davismwfl · Answer

We use 1Password and shared vaults. Allows us to permission control who sees what and who has access to things. Honestly, it makes things super easy overall. Not saying it is perfect, but it takes a lot of the effort out of the process.We will probably start looking at a way to automate the downloading of the files from 1Password via the command line tool, that way it can be fully automated for deployments right from our deployment box. Right now a human still has to grab the secrets file and make it available for the deployment script, which isn't as ideal but it is simple and better IMO then sending a file around where multiple copies start to exist which could cause a problem with deployments.