IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Chore: Remove unused AWS KMS provider's token setting (#44531)

Browse Source
This commit is contained in:
Tania B 2022-01-27 17:15:49 +02:00 committed by GitHub
parent dc7639354e
commit 1a9c293984
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 0 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/sources/enterprise/kms-integration/using-aws-kms-to-encrypt-database-secrets.md
View File

@ -39,7 +39,6 @@ You can use an encryption key from AWS Key Management Service to encrypt secrets
- `access_key_id`: The AWS Access Key ID that you previously generated. - `access_key_id`: The AWS Access Key ID that you previously generated.
- `secret_access_key`: The AWS Secret Access Key you previously generated. - `secret_access_key`: The AWS Secret Access Key you previously generated.
- `token`: (Optional) An AWS Session Token, which you must provide if you created temporary credentials.
- `region`: The AWS region where you created the KMS key. The region is contained in the keys ARN. For example: `arn:aws:kms:*us-east-2*:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` - `region`: The AWS region where you created the KMS key. The region is contained in the keys ARN. For example: `arn:aws:kms:*us-east-2*:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
An example of an AWS KMS provider section in the `grafana.ini` file is as follows: An example of an AWS KMS provider section in the `grafana.ini` file is as follows:
@ -53,8 +52,6 @@ You can use an encryption key from AWS Key Management Service to encrypt secrets
;access_key_id = AKIAIOSFODNN7EXAMPLE ;access_key_id = AKIAIOSFODNN7EXAMPLE
# AWS secret access key # AWS secret access key
;secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY ;secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
# AWS session token, optional
;token = AQoDYXdzEJr...<REMAINDER OF SECURITY TOKEN>
# AWS region, for example eu-north-1 # AWS region, for example eu-north-1
;region = eu-north-1 ;region = eu-north-1
``` ```

1
pkg/setting/setting.go
View File

@ -472,7 +472,6 @@ func RedactedValue(key, value string) string {
"ACCOUNT_KEY", "ACCOUNT_KEY",
"ENCRYPTION_KEY", "ENCRYPTION_KEY",
"VAULT_TOKEN", "VAULT_TOKEN",
"AWSKMS_.*_TOKEN",
} { } {
if match, err := regexp.MatchString(pattern, uppercased); match && err == nil { if match, err := regexp.MatchString(pattern, uppercased); match && err == nil {
return RedactedPassword return RedactedPassword