We're excited to introduce the new Keyper Github Action. You can now automate keyper deploy plan
and keyper deploy apply
commands in your CI/CD pipeline using Github Action. Keyper Github Action enables you to deploy data security workflows with only configurations, reducing friction between technical and non-technical teams, and ensuring consistent security policy implementation across your organization.
➡️ Check out our tutorial and try it out now
Demo
What is Keyper?
Keyper by Jarrid is a suite of data security tools designed to simplify role, key, and permission policy creation, management, and deployment. Keyper is fully integrated with popular cloud KMS services such as AWS KMS and GCP KMS, and is easy to incorporate into any existing tech stack and CI/CD workflows. With Keyper's Github Action, data security policy deployment can be fully automated alongside your existing code and infrastructure.
Automated Data Security with Keyper CI/CD
Continuous Integration and Continuous Deployment (CI/CD) automates code and infrastructure deployment. By adding Keyper into your CI/CD pipeline, teams can manage data security cloud resources and policies with configurations and no code required.
Introducing the Keyper Github Action
Keyper Github Action automates role, key, and permission policy deployment in your CI/CD pipeline. It runs terraform plan
to validate configurations for new data security resources and policies, and automatically creates or updates them using terraform apply
after changes or pull requests are merged into the main branch. By integrating security management into the CI/CD process, Keyper ensures that security configurations are consistently enforced across your organization and infrastructure.
With fully configuration-driven data security management, both technical and non-technical teams can easily create and enforce standardized security policies without additional operational overhead.
How to Use the Keyper Github Action
Keyper GitHub Action automates roles, keys, and permission policies in your CI/CD pipeline.
➡️ Check out the full tutorial and try it out now
- Setup Keyper Github Action
Create the Github Action YAML file at .github/workflows/keyper-cicd.yml
in your repository and add Keyper to the steps.
```yml
name: Keyper Action (Deploy Plan/Apply)
on:
push:
branches: [main]
pull_request:
branches: [main]
jobs:
keyper-action:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run Keyper Action (Deploy Plan)
id: keyper-plan
uses: jarrid-xyz/keyper@v0.0.4
with:
args: deploy plan
- name: Run Keyper Action (Deploy Apply)
id: keyper-apply
uses: jarrid-xyz/keyper@v0.0.4
with:
args: deploy apply
if: github.ref == 'refs/heads/main' # Only run if merged to main
```
-
Create Keyper Resources
In your repo's directory, create Keyper deployment, role, and key with Keyper CLI.
keyper create -t deployment # create deployment keyper create -t role -n role-1 # create role keyper create -t key # create key
This will generate configuration files similar to the example in the keyper-tutorial
configs └── fb94659d-ce39-45a8-a2d7-112b4104cf43 ├── deployment.json ├── key │ └── 8fc8518c-6691-4294-83ed-9dd9e46e5722.json └── role └── c90177bc-054c-42f4-89a0-3839b1f0b8f8.json
-
Create and Merge the Change
Commit and push the changes to your remote repository:
git add configs git commit -m "<commit message>" git push
Create a PR, and the Keyper Github Action will be triggered automatically to run
terraform plan
on the PR and validate the configurations. -
Check Deployment Status
If
terraform plan
looks good, merge the PR to main. The Keyper Github Action will be triggered automatically again to runterraform apply
. This will create and deploy the role and key to the cloud.
Summary
At Jarrid, we believe security is an enabler for developers. By creating security-aware developer tools, we empower engineering teams to build applications faster and more securely. Keyper automates security processes, allowing developers to focus on product features without compromising security. With a configuration-based interface, both technical and non-technical teams can collaborate to develop organization-wide security standards, minimizing miscommunication and reducing operational overhead.
With Keyper, security is embedded into the development toolings and process. Engineering teams can build secure software without compromising on simplicity and velocity. By injecting security tools into the development process, organizations can have a flexible yet robust way to evolve their security practices constantly without migrations or disruptions.