Feature/ttl support

[wzedi]

Add support for expiring secrets using Dynamo DB TTL. Changes include:

1. credstash setup - enable TTL on the DD table adding a 'ttl' attribute
2. credstash put - add a '-e' flag for an expiry period in seconds
3. updated readme to document new feature

We use this feature to store SSL certs that expire in 24 hours. Rather than creating a new process in our application to track these records and remove them manually we rely on DD TTL to automatically remove the records when they are no longer required.

[wayne-luminal]

Thanks for the awesome work @wzedi. Sorry to leave you hanging for a while. I'm going through the PRs now. I'm planning to pull this in to the next major version of credstash that I'm working on now. One thing I'll note is I don't think DDB TTL is supported in us-gov-west-1. I don't know if anyone is using credstash there or not. My guess is in that region the call will fail. If you have time, would you add a protection around making the call to update_time_to_live() here. If you don't have time it's ok I'll take it up as part of the refactor and integration I'm working on for 2.0.

[wzedi]

I'll get the change in as soon as I can. Sent from my Samsung Galaxy smartphone.

…

-------- Original message -------- From: wayne-luminal <[email protected]> Date:27/10/2017 6:55 AM (GMT+10:00) To: fugue/credstash <[email protected]> Cc: Warrick <[email protected]>, Mention <[email protected]> Subject: Re: [fugue/credstash] Feature/ttl support (#170) Thanks for the awesome work @wzedi. Sorry to leave you hanging for a while. I'm going through the PRs now. I'm planning to pull this in to the next major version of credstash that I'm working on now. One thing I'll note is I don't think DDB TTL is supported in us-gov-west-1. I don't know if anyone is using credstash there or not. My guess is in that region the call will fail. If you have time, would you add a protection around making the call to update_time_to_live() here. If you don't have time it's ok I'll take it up as part of the refactor and integration I'm working on for 2.0. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.

[wzedi]

Updated to handle any AWS exception during ttl enablement and to present warning message. Table creation will complete and credstash can be used without ttl enablement.