Download the PHP package pmg/cred-commands without Composer
On this page you can find all versions of the php package pmg/cred-commands. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download pmg/cred-commands
More information about pmg/cred-commands
Files in pmg/cred-commands
Package cred-commands
Short Description Symfony console commands to interact with the AWS SSM Paramter Store
License MIT
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package cred-commands
Deprecated!
This library came into existence to help manage secrets in AWS's ECS as described here.
This was before ECS had support for secrets and now that it does, PMG no longer uses these commands.
pmg/cred-commands
These are a set of symfony console commands that interact with the AWS SSM Parameter Store.
The goal here is to provide an easy way to fetch credentials into memory (environment variabls) on application boot. See this blog post for some details on why one might want to do this.
Installation
Usage
Using the Built In Application
Add Commands to an Existing Console Application
CLI Usage
Custom Credential Name Formatting
By default all credential names passed to the CLI are used directly, but that
can be changed with a CredentialNameFormatter implementation.
There a few provided by default, all in the PMG\CredCommands\Formatter
namespace.
NullFormatter
This is the default, just returns the credential name directly.
TemplateFormatter
Takes a $template in its constructor and replaces a {cred} in that template
with the cred name.
AppEnvFormatter
Builds a path-like credential name in the format /{appName}/{environment}/{cred}.
Why Format at All?
Because it prefixed parameter names can be used to restrict credential access by configuring IAM permissions that use the actual parameter names.
For instance, an IAM role might only include permissions to access params named
/appName/prod/*.
Using Formatters
Formatters can be passed as the second argument to the CredentialClient.
Using Custom KMS Keys for Parameter Encryption
By default AWS (and by extension this library) uses an AWS account's default KMS
key to encrypt parameters when their types are set to SecureString as they
are in this library.
Pass a third argument into the CredentialClient to specify a KMS key ID. This
can be the actual key ID (a UUID) or a key alias (in the format alias/{alias-name}).
