App Secrets (gx secret)

gx secret [-hV] [COMMAND] [-a[=<application_name>]] <secretKey> [-e[=<environment>]]

Often, action handlers talking to external services need to access authentication secrets to connect to those services. These need to be handled and stored such that they are not broadly exposed. Grainite provides a mechanism, through gx secret to conveniently store/access these within the Grainite database in separate system tables.

Insert a Secret

To store a key into Grainite that can be used within a specific application, you can use the following command

gx secret put <key_name> <secret value> --app <application_name> --env_name <environment>

Alternatively, --file can be used to have gx read the secret from a file and store it:

gx secret put <key_name> --file <path to secret file> --app <application_name> --env_name <environment>

Get a Secret

To fetch the key from Grainite, the following command can be used. Only users authorized to access the server, can perform this.

gx secret get <key_name> --app <application_name> --env_name <environment>

Delete a Secret

To delete a secret, the following command can be used. Only authorized users can perform this.

gx secret delete <key_name> --app <application_name> --env_name <environment>

Last updated