Presentation
secenv
is an utility tool to list, read and fill secrets from multiple stores.
It also defines contexts, and generates the associated environment values.
For now, secenv
can read secrets from:
- Azure Key Vault, using the
azure-keyvault-secrets
library - AWS SecretsManager, using the
boto3
library - Bitwarden, using the
rbw
unofficial CLI (it is planned to migrate to plain Python) - Environment, using the
os
built-in library - GCP Secret Manager, using the
google-cloud-secret-manager
library - GNU Pass, using the
passpy
library - Hashicorp Vault, using the
hvac
library - Scaleway Secret Manager, using plain HTTP requests
Once the secrets get read, one can define a context, basically a list of secrets, and switch to this context.
One can define as well a list of secrets to provide, and secenv
will ask, for each secret and if it doesn't exist yet, for a value to fill it.