AWS Secrets Manager Vault
Retrieve secrets from AWS Secrets Manager.
Examples
- aws_secrets_manager_vault.yaml
- aws_secrets_manager_auth.yaml
- aws_secrets_manager_vault_config.yaml
vault:
aws_secrets_manager:
region: us-west-2
secret_name_prefix: my-secret-prefix
vault:
aws_secrets_manager:
region: us-west-2
auth:
role_arn: arn:aws:iam::123456789012:role/MyRole
vault:
aws_secrets_manager:
region: us-west-2
auth:
role_arn: arn:aws:iam::123456789012:role/MyRole
secret_name_prefix: my-secret-prefix
AwsSecretsManagerVault
info
AwsSecretsManagerVault is defined beneath the following ancestor nodes in the YAML structure:
Below are the properties for the AwsSecretsManagerVault. Each property links to the specific details section further down in this page.
| Property | Default | Type | Required | Description |
|---|---|---|---|---|
| name | string | No | The name of the model | |
| description | string | No | A brief description of what the model does. | |
| metadata | ResourceMetadata | No | Meta information of a resource. In most cases it doesn't affect the system behavior but may be helpful to analyze project resources. | |
| aws_secrets_manager | AwsSecretsManagerVaultOptions | No |
Property Details
Vault
A way of storing secrets for use in your project and associating it with the desired service account
| Property | Default | Type | Required | Description |
|---|---|---|---|---|
| vault | One of: EnvironmentVariablesVault LocalFileVault CredstashVault GcpSecretManagerVault AwsSecretsManagerVault AzureKeyVault AscendEnvironmentVault | Yes |
AwsSecretsManagerVaultOptions
Options for reading secrets from AWS Secrets Manager.
| Property | Default | Type | Required | Description |
|---|---|---|---|---|
| region | string | No | The AWS region that contains secrets managed by Secrets Manager. | |
| auth | AwsAuthOptions | No | AWS authentication options. | |
| secret_name_prefix | string | No | A prefix that is added to all secret names referenced in this vault. |
AwsAuthOptions
Options for authenticating with AWS.
| Property | Default | Type | Required | Description |
|---|---|---|---|---|
| role_arn | string | No | Role ARN to assume when reading from S3. |
ResourceMetadata
Meta information of a resource. In most cases it doesn't affect the system behavior but may be helpful to analyze project resources.
| Property | Default | Type | Required | Description |
|---|---|---|---|---|
| source | ResourceLocation | No | The origin or source information for the resource. | |
| source_event_uuid | string | No | UUID of the event that is associated with creation of this resource. |
ResourceLocation
The origin or source information for the resource.
| Property | Default | Type | Required | Description |
|---|---|---|---|---|
| path | string | Yes | Path within repository files where the resource is defined. | |
| first_line_number | integer | No | First line number within path file where the resource is defined. |