Channels
announcements
ask-marvin
best-practices-coordination-plane
data-ecosystem
data-tricks-and-tips
events
find-a-prefect-job
geo-bay-area
geo-berlin
geo-boston
geo-chicago
geo-colorado
geo-dc
geo-israel
geo-japan
geo-london
geo-nyc
geo-seattle
geo-texas
gratitude
introductions
marvin-in-the-wild
pacc-clearcover-june-12-2023
pacc-may-31-2023
ppcc-may-16-2023
prefect-ai
prefect-aws
prefect-azure
prefect-cloud
prefect-community
prefect-contributors
prefect-dbt
prefect-docker
prefect-gcp
prefect-getting-started
prefect-integrations
prefect-kubernetes
prefect-recipes
prefect-server
prefect-ui
random
show-us-what-you-got
Title
e
emre
10/03/2019, 10:53 AMHey all, I have been using local secrets in my production flows for a while. I want to use some other key-value store for my secrets, as it is the secure and intended way. I haven’t found much in the docs, how would I be telling Prefect Core where and how it should access this new
Secretsj
josh
10/03/2019, 12:16 PMThere has been an issue proposed for a more adaptable Secrets API https://github.com/PrefectHQ/prefect/issues/1346 which I don’t think would be difficult to implement. The Prefect secret manager definitely isn’t intended to be the only option.
cc @Chris White we should consider this again
👍 1
e
emre
10/03/2019, 12:43 PMSubclassing
Secretj
josh
10/03/2019, 12:48 PMI believe the next release of Prefect is being cut today so it could probably be fit into the release after which would come in a couple weeks.
In the mean time your best bet would be to call your AWS secret store in its own function with whichever implementation you would use in the overridden Secret class to retrieve the secrets.
r
rich
10/03/2019, 1:04 PMwhy not just call boto directly?
e
emre
10/03/2019, 1:20 PMMain concern is abstraction. Using the Secret API, I can switch easily between local secrets for development and remote secrets for production. Would also make a possible transition to Prefect Cloud easier.