1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
Use of SecretsManager provides secure way to provide credentials to Greengrass components.
You can use https://github.com/awslabs/aws-greengrass-labs-secretsmanagerclient to avoid having to code the interaction with the IPC API and be able to retrieve the secret directly in the lifecycle script.
An example on how to use it can be seen in https://github.com/awslabs/aws-greengrass-labs-nodered-auth/blob/9ff4371f76298aabeb9b4bb736fa86028ae6f09c/recipe.yaml#L35.
For your specific exmaple, the lifecyle recipe would contain something like:
Lifecycle:
Install: |-
export USERNAME="{configuration:/USERNAME}"
export PASSWORD=$(java -jar {aws.greengrass.labs.SecretsManagerClient:artifacts:path}/secrets.jar {configuration:/USERNAME})
pip3 install -r {artifacts:decompressedPath}/ComponentName/requirements.txt --extra-index-url=https://${USERNAME}:${PASSWORD}@company.jfrog.io/artifactory/api/pypi/company-pypi/simple
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 3 mois
- demandé il y a 7 mois
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
Awesome, thanks! I ended up not using the
SecretsManagerClient
but used it as inspiration for a custom implementation using the mainSecretManager
component and IPC client.