Created
October 10, 2018 22:16
-
-
Save lisakoivu/f0de13d16d0b14eb9a047ae5a840f64d to your computer and use it in GitHub Desktop.
decrypting a master password from infrastructure-blackbox
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Authenticate to the relevant account. In this case, the account is front end staging. | |
| Clone the blackbox repo locally. | |
| Find the file that you wish to decrypt. | |
| Pipe it into gruntkms. | |
| cat mysql-stage-master-password.kms.encrympted |gruntkms decrypt --aws-region us-west-2 | |
| In this case, the string returned will be the mysql master password in fe-stg. | |
| In order to make terragrunt code aware of this password while running against George, put it in an environment variable named TF_VAR_master_password. | |
| Darn it George. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment