Awesome

play-secret-rotation

Rotating your Application Secret on an active cluster of Play app servers - without downtime

How to use this Play add-on

You'll need to choose a secure data-store for holding your Application Secret:

• AWS Parameter Store - fully supported
• not AWS Secrets Manager, because surprisingly it doesn't suit the use-case very well.
• anything else... you'll need to write your own implementation of com.gu.play.secretrotation.SnapshotProvider

Then:

• Update your Play server to read the rotating secrets from the data store with RotatingSecretComponents
• Setup a periodic job to update your secret in the secure data-store, eg with com.gu.play.secretrotation.aws.parameterstore.Lambda

Could Play add direct support for Application Secret rotation?

...see https://github.com/playframework/playframework/issues/12520