|
1 | | -# Using Environment Variables |
| 1 | +# Using Environment Variables with Polykey |
| 2 | + |
| 3 | +Polykey revolutionizes the management of environment variables by injecting them securely into applications, surpassing traditional `.env` file methods. This tutorial delves into the capabilities of the `polykey secrets env` command, illustrating its versatility and offering detailed usage examples. |
| 4 | + |
| 5 | +## Introduction |
| 6 | + |
| 7 | +Environment variables are essential for configuring applications outside the codebase, managing sensitive data such as API keys and database connections. Traditional `.env` file approaches expose these to risks such as accidental exposure and plaintext storage vulnerabilities. Polykey addresses these issues by storing environment variables in encrypted vaults and injecting them dynamically into applications, enhancing security and usability. |
| 8 | + |
| 9 | +### Key Features of `polykey secrets env` |
| 10 | + |
| 11 | +- **Encrypted Storage:** Secrets are safely stored within encrypted vaults. |
| 12 | +- **Dynamic Injection:** Direct injection of secrets into applications minimizes exposure. |
| 13 | +- **Decentralized Secure Sharing:** Supports encrypted secret sharing across collaborative environments. |
| 14 | +- **Cross-Platform Compatibility:** Adapts to different operating systems with various output formats. |
| 15 | + |
| 16 | +## Prerequisites |
| 17 | + |
| 18 | +Before proceeding, ensure Polykey is installed on your system. Familiarize yourself with creating vaults and managing secrets within Polykey. |
| 19 | + |
| 20 | +## Tutorial Structure |
| 21 | + |
| 22 | +This tutorial is structured to cover a range of scenarios illustrating the use of the `polykey secrets env` command, ensuring you understand how to apply it effectively across different contexts. |
| 23 | + |
| 24 | +## Use Cases and Examples |
| 25 | + |
| 26 | +### 1. Running Applications with Secure Environment Variables |
| 27 | + |
| 28 | +Inject secrets directly into your applications at runtime, the most common and critical use case for the polykey secrets env command. |
| 29 | + |
| 30 | +#### Example: Start an application with a secure API key |
| 31 | + |
| 32 | +```bash |
| 33 | +polykey secrets env --env Weather-Ops:API_KEY -- node app.js |
| 34 | +``` |
| 35 | + |
| 36 | +This will execute `app.js` with the `API_KEY` set, sourced from the `Weather-Ops` vault. |
| 37 | + |
| 38 | +### 2. Outputting Environment Variables |
| 39 | + |
| 40 | +When you need to verify or debug environment variables without executing an application, you can output them in different formats. |
| 41 | + |
| 42 | +#### Unix-like Systems Example |
| 43 | + |
| 44 | +```bash |
| 45 | +polykey secrets env --env-format unix --env Weather-Ops:API_KEY |
| 46 | +``` |
| 47 | + |
| 48 | +#### JSON Format Example |
| 49 | + |
| 50 | +```bash |
| 51 | +polykey secrets env --env-format json --env Weather-Ops:API_KEY |
| 52 | +``` |
| 53 | + |
| 54 | +These commands display the environment variables in the console, useful for validation. |
| 55 | + |
| 56 | +### 3. Managing Variable Name Conflicts |
| 57 | + |
| 58 | +Handle potential conflicts with invalid or duplicate environment variable names efficiently. |
| 59 | + |
| 60 | +#### Ignore Invalid Names Example |
| 61 | + |
| 62 | +```bash |
| 63 | +polykey secrets env --env-invalid ignore --env Weather-Ops:API_KEY -- node app.js |
| 64 | +``` |
| 65 | + |
| 66 | +#### Overwrite Duplicates Example |
| 67 | + |
| 68 | +```bash |
| 69 | +polykey secrets env --env-duplicate overwrite --env Weather-Ops:API_KEY -- node app.js |
| 70 | +``` |
| 71 | + |
| 72 | +These settings help manage potential variable name issues dynamically during runtime. |
| 73 | + |
| 74 | +### 4. Cloud Services Integration |
| 75 | + |
| 76 | +Showcase integrating with cloud services like AWS using securely managed secrets. |
| 77 | + |
| 78 | +#### AWS CLI Integration Example |
| 79 | + |
| 80 | +```bash |
| 81 | +polykey secrets env --env AWS-Creds:AWS_ACCESS_KEY_ID,AWS-Creds:AWS_SECRET_ACCESS_KEY -- aws s3 ls |
| 82 | +``` |
| 83 | + |
| 84 | +This securely passes AWS credentials to the AWS CLI. |
| 85 | + |
| 86 | +## Managing Secrets Across Environments |
| 87 | + |
| 88 | +Discuss how to handle secrets in various environments such as development, staging, and production, using different vaults or nodes. |
| 89 | + |
| 90 | +### Dynamic Environment Handling Example |
| 91 | + |
| 92 | +```bash |
| 93 | +export PK_NODE_PATH='./prodNode' |
| 94 | +polykey secrets env --env Production-Vault:SECRET_KEY -- node deploy.js |
| 95 | +``` |
| 96 | + |
| 97 | +This facilitates secure management of different operational environments. |
| 98 | + |
| 99 | +## Conclusion |
| 100 | + |
| 101 | +The `polykey secrets env` command significantly enhances the security and management of environment variables. It allows for the dynamic and secure handling of sensitive data across different stages of development and deployment. |
| 102 | + |
| 103 | +## Additional References |
| 104 | + |
| 105 | +We encourage you to delve deeper into Polykey and consider integrating it into your workflows. For further insights and to participate in community discussions, please explore the following resources: |
| 106 | + |
| 107 | +- [Demo on replacing dotenv libraries with `polykey secrets env`:](https://polykey.com/blog/introducing-polykey-a-future-security-standard-for-replacing-dotenv-libraries) Discover how Polykey can replace traditional dotenv libraries to enhance your project's security. |
| 108 | +- [Using Polykey for secure access to cloud providers:](https://polykey.com/blog/introducing-a-new-standard-in-environment-secrets-management-with-polykey) Learn how Polykey facilitates secure interactions with cloud services. |
| 109 | + |
| 110 | +## Tying It All Together |
| 111 | + |
| 112 | +**1. Initial Setup by User A:** |
| 113 | + |
| 114 | +- User A sets up a project repository utilizing environment variables stored in a Polykey vault. |
| 115 | + |
| 116 | +**2. Collaboration with User B:** |
| 117 | + |
| 118 | +- User B, collaborating on the same project, requires access to the same environment variables to maintain consistency and functionality. |
| 119 | + |
| 120 | +**3. Secure Sharing:** |
| 121 | + |
| 122 | +- User A shares the vault with User B securely through Polykey. Once User B clones the vault, they can immediately use the custom script to inject the necessary environment variables into their session, replicating User A’s setup effortlessly. |
| 123 | + |
| 124 | +**4. Customization of Environment Variables:** |
| 125 | + |
| 126 | +- While some environment variables are shared, certain project-specific variables may need to be adjusted. Both users can modify their respective vaults or scripts as needed to accommodate these unique requirements. |
| 127 | + |
| 128 | +## Experiment with Polykey |
| 129 | + |
| 130 | +To see this process in action, consider following our detailed guide in the dotenv library replacement demo. This demo provides hands-on experience with simulating the secure environment variable sharing between two nodes controlled by you, illustrating the practical benefits and ease of using Polykey in collaborative environments. |
0 commit comments