Hi guys, are there any best practices around passi...
# orm-helpb
Bardhi
01/02/2019, 10:16 PMHi guys, are there any best practices around passing in secrets to Prisma? I am looking into using AWS Secrets Manager to store my DB password.
1) Does Prisma provide out of the box support to read the password from an aws secret, assuming it runs on an instance and has the right permissions to read the secret?
2) If the answer to the above is no, is there a way to run a script that sets up the config file before Prisma starts? We’re running prisma in a k8s cluster using the
prismagraphql/prisma:1.19h
Harshit
01/03/2019, 5:20 AMYou can mount a PRISMA_CONFIG_PATH to a yml file
Harshit
01/03/2019, 5:21 AMHarshit
01/03/2019, 5:22 AMMaybe use a script to change the content of the config because we do not support AWS Secrets Manager natively
b
Bardhi
01/03/2019, 10:29 PMI see, okay, yeah that seems to work. It’ll be a problem when we rotate the password since it won’t be a graceful reconnect, but I guess we’ll have to live with that
Bardhi
01/03/2019, 10:30 PMthanks for the tip!
👍 1
3 Views