Node.js module for reading credstash secrets without needing snakes
const Credstash = require('credstash');
const credstash = new Credstash();
// .get method for one key (table query)
credstash.get('secret', (e, secret) => {
console.log('do not share the secret', secret);
});
// .list method for multiple keys (table scan)
credstash.list((e, secrets) => {
console.log('do not share the secrets', secrets);
});
Ensure you have AWS credentials configured. The credentials should be set up as a secret reader
$ yarn add credstash
Credstash is a little utility for managing credentials in the cloud
This module is for environments where you are using credstash to store secrets, and you want to read secrets within node without installing python. The module could be used within your node module to retrieve, for instance, database connection credentials from credstash.
Credstash support versioning of secrets which allows to easily rotate secrets.
By default node-credstash will return the latest (most recent version of a secret). You can also retrieve the latest N versions of a secret as follows:
import Credstash from 'credstash';
const credstash = new Credstash();
credstash.get('secret', { limit: 3 }, (err, secrets) => {
console.log('this is the last version', secrets[0]);
console.log('this is the second-last', secrets[1]);
console.log('this is the third-last', secrets[2]);
});