Skip to content

Allow SOPS to use custom AWS KMS and STS Endpoint #1679

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Allow SOPS to use custom AWS KMS and STS Endpoint #1679

wants to merge 1 commit into from

Conversation

anandavj
Copy link

@anandavj anandavj commented Nov 19, 2024
edited
Loading

There's case when I have custom endpoint for my AWS service, with this changes I could specify STS and KMS endpoint for my AWS service
Example usage:

creation_rules:
  - kms: "kms-arn"
    aws_profile: "default"
    aws_kms_endpoint: "https://kms.us-west-1.customawsendpoint.com"
    aws_sts_endpoint: "https://sts.us-west-1.customawsendpoint.com"

@felixfontein felixfontein added this to the 3.10.0 milestone Dec 1, 2024
felixfontein
felixfontein reviewed Dec 1, 2024
View reviewed changes
Copy link
Contributor

@felixfontein felixfontein left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your contribution! I can't really comment on the AWS specific things, but as a general note, it looks like you should use gofmt to reformat the changes you made.

keyservice/keyservice.pb.go
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This file is automatically generated, you should not manually modify it, but instead modify the protobuf definition and re-generate it. Right now protobuf regeneration doesn't work (see #1576) though, but I hope that will get fixed soon.

Copy link
Author

@anandavj anandavj Dec 1, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the review, I've modify the protobuf definition and re-generate it
I use #1688 makefile but I won't include it on this PR as it's already covered in another PR

@anandavj
Copy link
Author

anandavj commented Dec 1, 2024

Thanks for your contribution! I can't really comment on the AWS specific things, but as a general note, it looks like you should use gofmt to reformat the changes you made.

Thanks for the note, I've ran gofmt and it should be good now

@anandavj
Copy link
Author

I apologize forgot to run the test after merging with main, I've fix the protobuf and finish test it in my local @felixfontein
Screenshot 2024-12-14 212146

@anandavj anandavj force-pushed the main branch 2 times, most recently from 7bc71e5 to 70eba1e Compare December 14, 2024 14:50
@felixfontein
Copy link
Contributor

You have quite a few commits in this PR that do not belong there. Could you please rebase your PR (instead of adding more merge commits) to get rid of the superfluous commits? Thanks.

@felixfontein felixfontein modified the milestones: 3.10.0, 3.11.0 Mar 31, 2025
@anandavj anandavj marked this pull request as draft May 5, 2025 17:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein Awaiting requested review from felixfontein

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
area/keyservice enhancement keyservice/awskms
Projects
None yet
Milestone
3.11.0
Development

Successfully merging this pull request may close these issues.
2 participants
@anandavj @felixfontein