Rails 7 adds method calls for nested secrets

Ashik Salman

By Ashik Salman

on June 9, 2021

This blog is part of our  Rails 7 series.

Rails stores secrets in config/credentials.yml.enc, which is encrypted and cannot be edited directly. You can read more about credentials management here: Rails security guide.

Rails 7 allows access to nested encrypted secrets (credentials) by method calls. We can easily access the nested secrets present in the credentials YAML file like we've accessed top-level secrets previously:

1# config/credentials.yml.enc
3secret_key_base: "47327396e32dc8ac825760bb31f079225c5c0"
5  access_key_id: "A6AMOGVNQKCWLNQ"
6  secret_access_key: "jfm6b9530tPu/h8v93W4TkUJN+b/ZMKkG"
1=> Rails.application.credentials.aws
2=> {:access_key_id=>"A6AMOGVNQKCWLNQ", :secret_access_key=>"jfm6b9530tPu/h8v93W4TkUJN+b/ZMKkG"}

Before Rails 7

1=> Rails.application.credentials.aws[:access_key_id]
4=> Rails.application.credentials.aws.access_key_id
5=> NoMethodError (undefined method `access_key_id' for #<Hash:0x00007fb1adb0cca8>)

After Rails 7

1=> Rails.application.credentials.aws.access_key_id

Check out this pull request for more details.

Stay up to date with our blogs. Sign up for our newsletter.

We write about Ruby on Rails, ReactJS, React Native, remote work,open source, engineering & design.