History

Sven Rebhan 7981260f22 feat(agent): Add command-line option to specify password (#12812 )		2023-03-09 11:54:27 +01:00
..
README.md	fix(secretstores): cleanup duplicate printing (#12401 )	2022-12-15 06:35:05 -07:00
jose.go	feat(agent): Add command-line option to specify password (#12812 )	2023-03-09 11:54:27 +01:00
jose_test.go	fix(secretstores): cleanup duplicate printing (#12401 )	2022-12-15 06:35:05 -07:00
sample.conf	fix(secretstores): cleanup duplicate printing (#12401 )	2022-12-15 06:35:05 -07:00

README.md

Javascript Object Signing and Encryption Secret-store Plugin

The jose plugin allows to manage and store secrets locally protected by the Javascript Object Signing and Encryption algorithm.

To manage your secrets of this secret-store, you should use Telegraf. Run

telegraf secrets help

to get more information on how to do this.

Configuration

# File based Javascript Object Signing and Encryption based secret-store
[[secretstores.jose]]
  ## Unique identifier for the secret-store.
  ## This id can later be used in plugins to reference the secrets
  ## in this secret-store via @{<id>:<secret_key>} (mandatory)
  id = "secretstore"

  ## Directory for storing the secrets
  path = "/etc/telegraf/secrets"

  ## Password to access the secrets.
  ## If no password is specified here, Telegraf will prompt for it at startup time.
  # password = ""

Each secret is stored in an individual file in the subdirectory specified using the path parameter. To access the secrets, a password is required. This password can be specified using the password parameter containing a string, an environment variable or as a reference to a secret in another secret store. If password is not specified in the config, you will be prompted for the password at startup.

Please note: All secrets in this secret store are encrypted using the same password. If you need individual passwords for each jose secret, please use multiple instances of this plugin.