Skip to content

Add documentation for AWS SSM Parameter Store secrets adapter#196

Open
davafons wants to merge 1 commit intobasecamp:mainfrom
davafons:main
Open

Add documentation for AWS SSM Parameter Store secrets adapter#196
davafons wants to merge 1 commit intobasecamp:mainfrom
davafons:main

Conversation

@davafons
Copy link
Copy Markdown

@davafons davafons commented Mar 2, 2026
edited
Loading

Documentation for basecamp/kamal#1791

Copilot AI review requested due to automatic review settings March 2, 2026 13:40
Copilot AI reviewed Mar 2, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds documentation for an upcoming aws_ssm_parameter_store secrets adapter to the kamal secrets command docs, including usage examples and a comparison table against other secret backends.

Changes:

  • Document AWS SSM Parameter Store as a new secrets source, with fetch/extract examples.
  • Add a comparison table covering 1Password vs AWS Secrets Manager vs AWS SSM Parameter Store.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@davafons davafons mentioned this pull request Mar 2, 2026
Open
@davafons davafons changed the title Add AWS SSM Parameter Store secrets adapter documentation Add documentation for AWS SSM Parameter Store secrets adapter Mar 2, 2026
@davafons davafons marked this pull request as ready for review March 2, 2026 14:59
Copilot AI review requested due to automatic review settings March 2, 2026 14:59
Copilot AI reviewed Mar 2, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 2 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

docs/commands/secrets.md

# Extract the secret
kamal secrets extract REGISTRY_PASSWORD <SECRETS-FETCH-OUTPUT>
kamal secrets extract MyItem/REGISTRY_PASSWORD <SECRETS-FETCH-OUTPUT>
Copy link

Copilot AI Mar 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The extract example uses MyItem/REGISTRY_PASSWORD, but the rest of the SSM section uses /myapp/myapp paths and never introduces what MyItem represents for Parameter Store. Align the extract examples with the same naming convention used in the fetch examples to avoid confusion.

Suggested change
kamal secrets extract MyItem/REGISTRY_PASSWORD <SECRETS-FETCH-OUTPUT>
kamal secrets extract myapp/REGISTRY_PASSWORD <SECRETS-FETCH-OUTPUT>

Copilot uses AI. Check for mistakes.
docs/commands/secrets.md
# Fetch passwords
kamal secrets fetch --adapter aws_ssm_parameter_store --account default REGISTRY_PASSWORD DB_PASSWORD

# Fetch passwords from an item
Copy link

Copilot AI Mar 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This section labels --from /myapp as fetching "from an item", but the other examples imply --from is a path/prefix in Parameter Store. Consider renaming this heading/text to "from a path/prefix" (or similar) so readers don’t confuse it with an item-based vault model.

Suggested change
# Fetch passwords from an item
# Fetch passwords from a path/prefix

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@davafons