{"id":24660229,"url":"https://github.com/skarpdev/hapi-aws-secrets-manager-emulator","last_synced_at":"2025-10-07T21:32:22.201Z","repository":{"id":33395178,"uuid":"135292088","full_name":"skarpdev/hapi-aws-secrets-manager-emulator","owner":"skarpdev","description":"Minimal emulator for AWS Secrets Manager (for use locally and in CI)","archived":false,"fork":false,"pushed_at":"2022-12-09T08:43:14.000Z","size":701,"stargazers_count":7,"open_issues_count":10,"forks_count":6,"subscribers_count":3,"default_branch":"master","last_synced_at":"2023-02-26T20:47:03.050Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/skarpdev.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-05-29T12:23:15.000Z","updated_at":"2023-01-21T01:33:08.000Z","dependencies_parsed_at":"2022-07-27T15:30:40.724Z","dependency_job_id":null,"html_url":"https://github.com/skarpdev/hapi-aws-secrets-manager-emulator","commit_stats":null,"previous_names":[],"tags_count":null,"template":null,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skarpdev%2Fhapi-aws-secrets-manager-emulator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skarpdev%2Fhapi-aws-secrets-manager-emulator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skarpdev%2Fhapi-aws-secrets-manager-emulator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skarpdev%2Fhapi-aws-secrets-manager-emulator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/skarpdev","download_url":"https://codeload.github.com/skarpdev/hapi-aws-secrets-manager-emulator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235658769,"owners_count":19025116,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-26T03:18:50.157Z","updated_at":"2025-10-07T21:32:21.852Z","avatar_url":"https://github.com/skarpdev.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# AWS Secrets Manager emulator\n\nNote that since this project was made, [LocalStack](https://github.com/localstack/localstack) has added support for secrets manager. That project is likely to better maintained, than this one.\n\nAvailable on Docker Hub as [skarpdev/aws-secrets-manager-emulator](https://hub.docker.com/r/skarpdev/aws-secrets-manager-emulator/).\n\nAt the moment, an extremely minimal emulator of [AWS Secrets Manager](https://aws.amazon.com/secrets-manager/).\n\nSupported AWS Secrets Manager features:\n- [GetSecretValue](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html)\n- [UpdatetSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UpdateSecret.html)\n- [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html)\n\nLimitations:\n- it ignores secret versions\n- it ignores authentication\n- it provides an almost entirely hardcoded ARN\n\nOther features:\n- it has a UI for simple secret management\n- it can preload secrets based on 1-file-1-secret in a given directory\n\n\n## Configuration\n\nConfiguration is done through environment variables.\n\n- `SECRETS_MANAGER_PORT` the port to run on - **default is 3000**\n- `SECRETS_MANAGER_PRELOAD_DIRECTORY` absolute path of directory from which to read initial set of secrets (see below) - **default is empty**\n- `SECRETS_MANAGER_SECRETS` secrets to preload if you are unable to use volume mounts - **default is empty**\n\n\n## Preloading secrets\n\nPreloading secrets can be done either via files or by passing a JSON string through an environment variable.\n\nIf you define the same SecretId as both a file and in environment - **the version from env will win**.\n\n\n### Via files\n\nAs secrets are really just JSON blobs, we thought it would be easiest just to say that 1 file becomes 1 secret.\n\nIn [example-secrets](./example-secrets) you can see, well, an example of this.\n\n`flat` becomes a secret with `SecretId = flat` and secret string is the content of the file.\n\n`hierarchy.one` becomes a secret with `SecretId = hierarchy/one`.\n\n`hierarchy.two` becomes a secret with `SecretId = hierarchy/two`.\n\nYou tell the emulator to preload secrets from a directory by assigning an **absolute path** to the environment variable `SECRETS_MANAGER_PRELOAD_DIRECTORY`.\n\n\n### Via environment variable\n\nYou can provide a set of initial secrets by setting the environment variable `SECRETS_MANAGER_SECRETS` to a JSON string.\n\nThe pretty-printed object would look like this:\n\n```json\n{\n    \"from/env\": \"{\\\"key\\\":\\\"value\\\"}\",\n    \"kewl\": \"{\\\"kinda\\\":\\\"ew\\\"}\"\n}\n```\n\nIt is basically a dictionary with a **string key** and a **string value**. The key becomes the SecretId and the value becomes the content.\n\nIn Bash the above would look like this:\n\n```bash\nSET SECRETS_MANAGER_SECRETS='{\"from/env\":\"{\\\"key\\\": \\\"value\\\"}\",\"kewl\":\"{\\\"kinda\\\":\\\"ew\\\"}\"}'\n```\n\n## Usage\n\n### docker-compose.yml\n\n```yaml\nversion: '3'\n\nservices:\n  secretsmanager:\n    image: skarpdev/aws-secrets-manager-emulator:0.1.0 ## remember to update the version\n    volumes:\n      - ./secrets-manager-secrets:/secrets ## preload secrets via files\n    ports:\n      - 3000:3000\n```\n\n\n### .gitlab-ci.yml\n\n```yaml\nstages:\n  - test\n\ntest-integration:\n  stage: test\n  image: $CONTAINER_TEST_IMAGE\n  variables:\n    SECRETS_MANAGER_SECRETS: '{\"from/env\":\"{\\\"key\\\": \\\"value\\\"}\",\"kewl\":\"{\\\"kinda\\\":\\\"ew\\\"}\"}'\n  services:\n    - name: skarpdev/aws-secrets-manager-emulator:0.1.0\n      alias: secretsmanager\n  script:\n    - do your thing\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fskarpdev%2Fhapi-aws-secrets-manager-emulator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fskarpdev%2Fhapi-aws-secrets-manager-emulator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fskarpdev%2Fhapi-aws-secrets-manager-emulator/lists"}