Getting started
Reference
Variables

Variables

Overview

Variables are environment variables and secrets injected into your application containers. They provide configuration, connection strings, API keys, and other settings needed by your application at runtime. Tapitalee supports both plaintext variables and encrypted secrets.

Purpose and Benefits

  • Centralized Configuration: Manage all application settings in one place
  • Secret Management: Encrypted storage for sensitive values via AWS Secrets Manager
  • Automatic Injection: Variables are automatically available in all containers
  • Separation of Concerns: Keep configuration separate from code

CLI Usage

Set Variable 

tapit  set variable <variable_name> <variable_value> [secret=yes]

Sets or updates an environment variable for your application.

Required Parameters

  • variable_name: The name of the environment variable (uppercase by convention)
  • variable_value: The value to set

Optional Parameters

  • secret=yes: Store the value as an encrypted secret in AWS Secrets Manager

Examples 

# Set a regular configuration variable
tapit set variable DATABASE_POOL 10

# Set a secret API key
tapit set variable STRIPE_SECRET_KEY sk_live_abc123 secret=yes

# Set a connection URL
tapit set variable REDIS_URL redis://localhost:6379

Show Variable 

tapit  show variable <variable_name>

Displays the value of a specific environment variable.

Examples 

tapit show variable DATABASE_URL
tapit show variable STRIPE_SECRET_KEY

List Variables 

tapit  list variables

Shows all environment variables configured for your application. Secret values are masked.

Delete Variable 

tapit  delete variable <variable_name>

Permanently removes an environment variable from your application.

Examples 

tapit delete variable OLD_API_KEY
tapit delete variable DEPRECATED_SETTING

Import Variables 

tapit  import variables [secret=yes] < file_with_KEY=value_entries

Bulk imports variables from a file containing KEY=value pairs (one per line).

Optional Parameters

  • secret=yes: Import all variables as encrypted secrets

Examples 

# Import regular variables from a .env file
tapit import variables < .env

# Import all as secrets
tapit import variables secret=yes < production.env

Clone Variables 

tapit [-a dest_app_name] clone variables <source_app_name> [exclude=KEY1,KEY2] [from_team=team_name]

Copies all variables (including secrets) from a source application to the current application. Useful for setting up new environments or preview apps.

Required Parameters

  • source_app_name: Name of the app to copy variables from

Optional Parameters

  • exclude: Comma-separated list of variable names to skip
  • from_team: Team name if the source app is in a different team

Examples 

# Clone all variables from another app
tapit -a myapp-staging clone variables myapp-prod

# Clone excluding certain keys
tapit -a myapp-dev clone variables myapp-prod exclude=STRIPE_KEY,SENDGRID_KEY

# Clone from a different team
tapit -a myapp clone variables other-app from_team=other-team

Variable Types

Regular Variables

  • Stored as plaintext in the database
  • Suitable for non-sensitive configuration values
  • Examples: PORT, LOG_LEVEL, DATABASE_POOL

Secrets

  • Encrypted using AWS Secrets Manager
  • Suitable for API keys, passwords, tokens
  • Examples: DATABASE_URL, API_SECRET_KEY, SMTP_PASSWORD

Add-On Variables

When you create add-ons (databases, storage, etc.), Tapitalee automatically injects connection variables:

  • RDS: DATABASE_URL (or custom name)
  • ElastiCache: REDIS_URL (or custom name)
  • S3: S3_BUCKET_<name> and related variables
  • EFS: EFS_MOUNT_POINT (or custom name)
  • DocumentDB: MONGO_URL (or custom name)

Add-on variables are managed automatically and cannot be manually deleted while the add-on exists.

Console SessionCommands