Reputation: 39
Handling Secret Keys when deploying Flask app on AWS
Working on deploying a Flask application using AWS, but the Flask app relies on API secret keys that I have saved in a config.ini file on my computer. Should I be uploading that file with the keys to AWS? How should my Flask app access those keys once deployed to AWS?
Upvotes: 0
Views: 1837
Answers (2)
Reputation: 1324
You can possibly do one of the following (Assuming that you're deploying on a Linux Based OS):
Store the keys in variables and then export them from the file:
~/.bash_profileSave them as environment variables
You can checkout this answer to see how to access them : Access environment variables from Python
Upvotes: 1
Reputation: 3760
I have not used Flask yet but as a good practice for deployment, you should never save your API keys/credentials in plain text anywhere.
For AWS related deployments which require API keys, I would suggest you use the IAM instance roles which have the required access that your application needs.
Upvotes: 2
Related Questions
- python flask application in AWS EC2
- demystify Flask app.secret_key
- How to store secrets for a Python Flask App on EC2
- Deploy flask application without AWS access key
- Python Flask server deployed on Elastic Beanstalk with AWS Internal Service Error, Logs say SECRET_KEY was never set?
- Deploying Flask App in AWS Elastic Beanstalk
- Flask deploy on ec2 Amazon aws
- deploying flask app to EC2
- Deploy simple server using Flask on AWS
- How can I protect my AWS access id and secret key in my python application