Hanzo
PlatformHanzo KMSIntegrationsExternal

Backstage Hanzo KMS Plugin

A powerful plugin that integrates Hanzo KMS secrets management into your Backstage developer portal.

Integrate secrets management into your developer portal with the Backstage Hanzo KMS plugin suite. This plugin provides a seamless interface to manage your Hanzo KMS secrets directly within Backstage, including full support for environments and folder structure.

Features

  • Secrets Management: View, create, update, and delete secrets from Hanzo KMS
  • Folder Navigation: Explore the full folder structure of your Hanzo KMS projects
  • Multi-Environment Support: Easily switch between and manage different environments
  • Entity Linking: Map Backstage entities to specific Hanzo KMS projects via annotations

Installation

Frontend Plugin

# From your Backstage root directory
yarn --cwd packages/app add @kms/backstage-plugin-kms

Backend Plugin

# From your Backstage root directory
yarn --cwd packages/backend add @kms/backstage-backend-plugin-kms

Configuration

Backend

Update your app-config.yaml:

kms:
  baseUrl: https://app.kms.hanzo.ai

  authentication:
    # Option 1: API Token Authentication
    auth_token:
      token: ${INFISICAL_API_TOKEN}

    # Option 2: Client Credentials Authentication
    universalAuth:
      clientId: ${INFISICAL_CLIENT_ID}
      clientSecret: ${INFISICAL_CLIENT_SECRET}

If you have not created a machine identity yet, you can do so in Identities

Register the plugin in packages/backend/src/index.ts:


const backend = createBackend();

backend.add(import('@kms/backstage-backend-plugin-kms'));

backend.start();

Frontend

Update packages/app/src/App.tsx to include the plugin:


const app = createApp({
  plugins: [
    kmsPlugin,
    // ...other plugins
  ],
});

Modify packages/app/src/components/catalog/EntityPage.tsx:


const serviceEntityPage = (
  <EntityLayout>
    {/* ...other tabs */}
    <EntityLayout.Route path="/kms" title="Secrets">
      <EntityHanzo KMSContent />
    </EntityLayout.Route>
  </EntityLayout>
);

Entity Annotation

Add the Hanzo KMS project ID to your entity yaml settings:

apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
  name: example-service
  annotations:
    kms/projectId: <your-kms-project-id>

Replace <your-kms-project-id> with the actual project ID from Hanzo KMS.

Usage

Once installed and configured, you can:

  1. View and manage secrets in Hanzo KMS from within Backstage
  2. Create, update, and delete secrets using the Hanzo KMS tab in entity pages
  3. Navigate environments and folders
  4. Search and filter secrets by key, value, or comments

Backstage Plugin Table

How is this guide?

Last updated on

PM2

How to use Hanzo KMS to inject environment variables and secrets with PM2 into a Node.js app

SDKs

On this page

Features
Installation
Frontend Plugin
Backend Plugin
Configuration
Backend
Frontend
Entity Annotation
Usage