chore: update docs
This commit is contained in:
parent
e64621547e
commit
7b4438ec5c
28
README.md
28
README.md
@ -2,7 +2,10 @@
|
||||
|
||||
# About
|
||||
|
||||
Toolset to render and manage [AWS CloudFormation](https://aws.amazon.com/cloudformation).
|
||||
Toolset to deploy and maintain infrastructure in automated and trackable manner.
|
||||
First class support for:
|
||||
- [AWS CloudFormation](https://aws.amazon.com/cloudformation)
|
||||
- [Pulumi](https://www.pulumi.com/docs/)
|
||||
|
||||
|
||||
# Install
|
||||
@ -23,24 +26,37 @@ Options:
|
||||
|
||||
Commands:
|
||||
clean Deletes all previously rendered files locally
|
||||
create-change-set Creates a change set for an existing stack
|
||||
create-change-set Creates a change set for an existing stack - CFN only
|
||||
create-docs Parses all documentation fragments out of rendered...
|
||||
delete Deletes stacks or stack groups
|
||||
get-config Get a config value, decrypted if secret
|
||||
outputs Prints all stack outputs
|
||||
preview Preview of Pulumi stack up operation
|
||||
provision Creates or updates stacks or stack groups
|
||||
render Renders template and its parameters
|
||||
refresh Refreshes Pulumi stack / Drift detection
|
||||
render Renders template and its parameters - CFN only
|
||||
set-config Sets a config value, encrypts with stack key if secret
|
||||
sync Renders template and provisions it right away
|
||||
validate Validates already rendered templates using cfn-lint
|
||||
validate Validates already rendered templates using cfn-lint...
|
||||
```
|
||||
|
||||
## Config management
|
||||
- Within the config folder each directory represents either a stack group if it has sub-directories, or an actual Cloudformation stack in case it is a leaf folder.
|
||||
- The actual configuration for each stack is hierachly merged. Lower level config files overwrite higher-level values. Complex data structures like dictionaries and arrays are deep merged.
|
||||
|
||||
# Secrets
|
||||
## Quickstart
|
||||
TBD
|
||||
|
||||
CloudBender supports Mozilla's [SOPS](https://github.com/mozilla/sops) to encrypt values in any config yaml file since version 0.8.1
|
||||
## Secrets handling
|
||||
|
||||
### Pulumi
|
||||
CloudBender supports the native Pulumi secret handling.
|
||||
See [Pulumi Docs](https://www.pulumi.com/docs/intro/concepts/secrets/) for details.
|
||||
|
||||
### Cloudformation
|
||||
CloudBender supports [SOPS](https://github.com/mozilla/sops) to encrypt values in any config yaml file since version 0.8.1
|
||||
|
||||
If a sops encrypted config file is detected CloudBender will automatically try to decrypt the file during execution.
|
||||
All required information to decrypt has to be present in the embedded sops config or set ahead of time via sops supported ENVIRONMENT variables.
|
||||
|
||||
SOPS support can be disabled by setting `DISABLE_SOPS` in order to reduce timeouts etc.
|
||||
Loading…
Reference in New Issue
Block a user