A Web application to manage AWS Secrets manager
- Listing secrets grid with many columns
- Support region switching
- Secrets attributes sorting
- All grid column searching
- Editing text-based secrets directly
- Download and upload binary secrets
Run:
docker run -ti \
-p 30301:30301 \
-e AWS_ACCESS_KEY_ID=123456789012 \
-e AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY \
ledongthuc/awssecretsmanagerui:latest
Make sure you configure AWS credential. Then you can access http://localhost:30301
Requirement:
- Go 1.16
- Makefile
- npm 6.14
make build;
Binary will available in folder "./build/". Run it and you can access through http://localhost:30301
AWS Secrets Manager UI tool uses AWS configuration credential to authenticate requests.
More detail: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
More detail: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
-
Easy policy name: SecretsManagerReadWrite : https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-policies.html
-
Or custom action permission:
secretsmanager:*
Configurations to enable for AWS Cognito
AUTH_ENABLED=true
AUTH_TYPE=aws_cognito_auth2
AWS_COGNITO_APP_NAME=administrator
: Get from AWS Cognito App configurationAWS_COGNITO_REGION=eu-north-1
: Get from AWS Cognito App configurationAWS_COGNITO_CLIENT_ID={client_id}
: Get from AWS Cognito App configurationAWS_COGNITO_CLIENT_SECRET={secrets}
: Get from AWS Cognito App configurationAWS_COGNITO_REDIRECT_URL=http://localhost:30301/cognito/auth
: Redirect URL you want AWS cognito call backAWS_COGNITO_ALLOWED_EMAILS=abc@email.com
: Limit accepted users to login. Empty = allAWS_COGNITO_LOGIN_URL=https://administrator.auth.eu-north-1.amazoncognito.com/login?...
: Get from AWS Cognito App configuration
AWS Cognito App configurations
Default, AWS Secrets manager UI disable authentication.
AWS Secrets manager supports basic auth through two variable environments, in order enable it, try with 2 variable environments:
AUTH_ENABLED=true
AUTH_ACCOUNTS="{\"admin\":\"5994471abb01112afcc18159f6cc74b4f511b99806da59b3caf5a9c173cacfc5\"}"
AUTH_ACCOUNTS
define accounts' username and password. Password follows SHA-256, https://emn178.github.io/online-tools/sha256.html
Default, AWS Secrets manager UI get all secrets.
AWS Secrets manager support filter secrets by names through variable environment, in order to use it, you can try with variable environment:
FILTER_NAMES=production,development
FILTER_NAMES
defines which secrets you want to provide with AWS Secrets manager, each secret name is separated by comma. In the above example, you want to show only secrets with name production
and development
.
- Local storage sort, filter, search
- Support MoaiJS
- Support filter by tags
- All POST API
- Login page
- Create new secret
- Delete secret
- Thuc Le
- sinthithuthao@gmail.com (many thanks for logo)
- duysmile
- Thinh Le
- Monody Le