![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
This project began as a shell script to invoke the kms-encryption decrypt
on the variables in the environment, looking for anything with a prefix of
"decrypt:", decrypting it using AWS KMS using the instance's profile, and
exporting the decrypted value back to the environment before exec to the
next command.
This is used as a Docker entrypoint for containers to be able to decrypt encrypted environment variables passed into it.
This project is a replacement for the ApplauseOSS/kms-encryption-toolbox
supplied shell script, decrypt-and-start.
It can be run as:
$ decrypt-and-start some other programIt can also take an optional flag to control the number of parallel workers:
$ decrypt-and-start -p 20 -- some other programTool can also assume other role for kms access
$ decrypt-and-start --assume-role arn:aws:iam::XXXXXXXXX:role/YYYY some other program![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
