Perl 6 - the future is here, just unevenly distributed

IRC log for #confidant, 2015-11-25

| Channels | #confidant index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
20:36 gothello joined #confidant
20:37 gothello I have a nodejs app...how do I use confidant? do I have to use aws-sdk/kms and interact with it that way or does confidant have an API I can talk to?
21:03 Ryan_Lane gothello: confidant has an API, but you do need to generate a KMS token
21:04 Ryan_Lane gothello: it's not necessary for your service to directly talk to confidant, though. you could have an out-of-band process write the returned secrets to a ramdisk (like /dev/shm) and have your service read from that
21:05 Ryan_Lane we have an unopinionated client in python as an example: https://github.com/lyft/confidant/blob/master/confidant_client.py
21:08 Ryan_Lane gothello: the aws-sdk can be used to generate the kms token, then you can make the API call to confidant directly from your application as well, of course.
21:11 gothello Ryan_Lane: thanks for the reply/suggestions. I guess the goal was to centralize key/secret management, then have a clean way to get keys on the application/service level. I went digging on the documentation, but didn't really see a way to implement it, so it sounds like I have some work to do if I plan on using it :)
21:16 Ryan_Lane gothello: it shouldn't be a lot of work. you make a call to KMS to encrypt, using encryption context, then you make a single rest call to confidant
21:17 Ryan_Lane there's a lot of error checking and such in the confidant client
21:17 Ryan_Lane gothello: if you make a javascript client, we'd love to have it in the confidant repo :)
21:23 gothello Ryan_Lane: we will see how it goes, thanks again!
21:23 Ryan_Lane yw. let me know if you have any more questions. I'm here to help!

| Channels | #confidant index | Today | | Search | Google Search | Plain-Text | summary