Skip to content

[quorum] integrate aws secrets manager#2623

Merged
sownak merged 1 commit intohyperledger-bevel:developfrom
saurabhkumarkardam:quorum-2200
Sep 25, 2024
Merged

[quorum] integrate aws secrets manager#2623
sownak merged 1 commit intohyperledger-bevel:developfrom
saurabhkumarkardam:quorum-2200

Conversation

@saurabhkumarkardam
Copy link
Copy Markdown
Contributor

@saurabhkumarkardam saurabhkumarkardam commented Sep 18, 2024
edited
Loading

Commit to be reviewed

feat(quorum): integrate aws secrets manager

This PR will allow the use of the AWS service called Secrets Manager to store sensitive information, similar to how we use HashiCorp Vault for the same purpose.

- A guide named `integrate-aws-secrets-manager-with-eks.md` has been introduced to help users securely connect their EKS cluster with Secrets Manager using OIDC.
- The Quorum master README has been updated to guide users on how to deploy a network with AWS Secrets Manager.
- A Python script has been added that contains the CRUD operation code for AWS Secrets Manager, injecting the script into the container via ConfigMap.
- The Quorum Genesis and Node charts code have been updated to support Secrets Manager.

fixes #2200

sownak
sownak reviewed Sep 18, 2024
View reviewed changes
Comment thread platforms/quorum/charts/quorum-genesis/templates/genesis-job-init.yaml Outdated
sownak
sownak requested changes Sep 18, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@sownak sownak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

condition needs to be checked.

@suvajit-sarkar
Copy link
Copy Markdown
Contributor

suvajit-sarkar commented Sep 19, 2024

The keys will conflict if same platforms are deployed using the same secret manager region. See if the keys can be made unique using the namespace

sownak
sownak requested changes Sep 20, 2024
View reviewed changes
Comment thread platforms/quorum/charts/quorum-node/templates/node-hooks-pre-install.yaml Outdated
@saurabhkumarkardam
feat(quorum): integrate aws secrets manager
ed7bbde 
This PR will allow the use of the AWS service called Secrets Manager to store sensitive information, similar to how we use HashiCorp Vault for the same purpose.

- A guide named "integrate-aws-secrets-manager-with-eks.md" has been introduced to help users securely connect their EKS cluster with Secrets Manager using OIDC.
- The Quorum master README has been updated to guide users on how to deploy a network with AWS Secrets Manager.
- A Python script has been added that contains the CRUD operation code for AWS Secrets Manager, injecting the script into the container via ConfigMap.
- The Quorum Genesis and Node charts code have been updated to support Secrets Manager.

fixes hyperledger-bevel#2200

Signed-off-by: saurabhkumarkardam <saurabh.kumar.kardam@accenture.com>
sownak
sownak approved these changes Sep 23, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@sownak sownak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

suvajit-sarkar
suvajit-sarkar approved these changes Sep 24, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@suvajit-sarkar suvajit-sarkar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sownak sownak merged commit 2e1e5a1 into hyperledger-bevel:develop Sep 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sownak sownak sownak approved these changes

@suvajit-sarkar suvajit-sarkar suvajit-sarkar approved these changes

@adityajoshi12 adityajoshi12 Awaiting requested review from adityajoshi12 adityajoshi12 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@saurabhkumarkardam @suvajit-sarkar @sownak