Encrypt your AWS API Key with GPG

In AWS, when you create a user in IAM and you give that user ‘programatic’ access, AWS will give you that user’s API key. there are two major rules one must follow with the API key.

  1. NEVER hard code your API key into your code.
  2. Never store your API unencrypted.

To help with #2, in Linux you can just use GPG

First install it, for Ubuntu:

    sudo apt-get install gnupg2 -y

#or for RHEL:/Centos

 

    yum install gnupg2

 

and then just run it against the text file where your API keys are:

  1. Encrypt the file with the command
    gpg -c API.txt
  2. Enter a unique password for the file and hit Enter.
  3. Verify the newly typed password by typing it again and hitting Enter.

 

      4. Looking at the output of an an ls -hal the original file is still there; so

    rm -rf API.txt

      5. When ready, Decrypt the file with the command

    gpg API.txt

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s