2

let say I have several ElasticBeanstalk enviroments:

  • productionMyApp
  • stagingMyApp
  • qaMyApp

Each environment has really similar Dockerrun.aws.json (what volumes should be linked where) but different environment variables (e.g. what is the RDS db url, what is the Password for RDS, mandril API key ...)

should I store the environment variables for each environment in own file (qa-Dockerrun.aws.json, prod-Dockerrun.aws.json, ...) and tell eb deploy to use that file (if so how can I do this ?? )

or

should I set the environments with eb setenv POSTGRES_PASS=xyzsecretabc doc and not place them to Dockerrun.aws.json

Any other suggestions are welcome

I want to avoid having my sensitive information stored in git of course

Thank you

equivalent8
  • 121
  • 7
  • this is kinda helpful http://stackoverflow.com/questions/11211007/how-do-you-pass-custom-environment-variable-on-amazon-elastic-beanstalk-aws-ebs yet I still want to know is the recommended way – equivalent8 Nov 18 '15 at 14:23
  • `.ebextensions` is also a solution http://stackoverflow.com/a/14491294/473040 but in the end the answer shifts to recommending the "set enviroment variables via `Configuration > Software Configuration > Environment Properties`" – equivalent8 Nov 18 '15 at 14:40

1 Answers1

0

After spending some time I've decided for this solution:

do both :)

It's hard to keep track of all environment variables in elastic beanstalk (and apparently there is a limit number, didn't check that doh) and it's stupid to commit your database passwords to version control.

keep stuff that is already public like DB_PORT_5432_TCP_ADDR (RDS public DNS), DB_ENV_POSTGRES_USERNAME (postgres username), REDIS_PORT_6379_TCP_ADDR, S3_BUCKET_NAME(asset storage bucket) in Dockerrun.aws.json and under version control (git)

but stuff like DB_ENV_POSTGRES_PASSWORD, SECRET_KEY_BASE, MANDRIL_API_TOKEN, AWS_SECRET_ACCESS_KEY as Elastic Beanstalk environments

equivalent8
  • 121
  • 7