Member June 24, 2020 at 10:59 pm
We can store the database credentials in AWS Secrets Manager, but Secrets Manager cannot deploy an application to your on-premises servers using Elastic Beanstalk. What about EC2? Can the applications which are running on EC2 or ECS take the credentials from AWS Secrets Manager?
Member June 25, 2020 at 8:01 pm
Thank you for your feedback.
AWS Secrets Manager service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Using Secrets Manager, you can secure and manage secrets used to access resources in the AWS Cloud, on third-party services, and on-premises.
You can enable your on-premises servers to access Secrets Manager if you use IAM access keys that allow the servers to call the Secrets Manager API to retrieve and decrypt the secret that you save.
Services on AWS such as EC2, ECS, and Fargate can also access AWS Secrets Manager. You need to create an IAM role attached to EC2 or ECS that allows them to retrieve the secrets in Secrets Manager. The IAM role attached to the EC2 will allow the application to call the Secrets Manager API. For ECS, you can attach the appropriate IAM role and you can retrieve the secrets from Secrets Manager by declaring the variables in the Task Definition.
Configure IAM on your EC2 or ECS to allow getting parameters from SSM.
Hope this helps.
Kenneth Samonte @ Tutorials Dojo
- This reply was modified 3 years, 8 months ago by TutorialsDojo-Support.
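The ECS case described in the reply above, as an added CloudFormation example that is not part of the original thread: an execution role limited to one secret, and a task definition that declares the secret as a container variable. The `DbSecretArn` parameter, the resource names, the `DB_CREDENTIALS` variable name and the image are assumptions made for illustration.

```yaml
# Added example, not from the original thread.
# Assumed names: DbSecretArn, TaskExecutionRole, AppTaskDefinition,
# DB_CREDENTIALS, and the placeholder container image.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  DbSecretArn:
    Type: String
    Description: Full ARN of the Secrets Manager secret with the DB credentials
Resources:
  # The task execution role is what ECS uses to fetch the secret
  # before the container starts.
  TaskExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: { Service: ecs-tasks.amazonaws.com }
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy
      Policies:
        - PolicyName: read-db-secret
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: secretsmanager:GetSecretValue
                Resource: !Ref DbSecretArn   # one secret, not "*"
  AppTaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      Family: app
      RequiresCompatibilities: [FARGATE]
      NetworkMode: awsvpc
      Cpu: "256"
      Memory: "512"
      ExecutionRoleArn: !GetAtt TaskExecutionRole.Arn
      ContainerDefinitions:
        - Name: app
          Image: example.invalid/app:latest   # placeholder image
          Secrets:
            - Name: DB_CREDENTIALS            # env var seen by the container
              ValueFrom: !Ref DbSecretArn     # resolved by ECS at task start
```

The same `secretsmanager:GetSecretValue` statement, attached to an EC2 instance role instead, covers the EC2 case where the application calls the API itself. If the secret is encrypted with a customer managed KMS key, the role also needs `kms:Decrypt` on that key.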