AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約

Retrieve secrets from secret manager without using SDK

-1

I want to retrieve the AWS secrets without using the SDK because SDK adds lots (300+) of dependencies. I wanted to know if retrieving the secret using REST APIs and IAM Role/User is possible. And if yes then how?

I am building a microservice using Micronaut and want to avoid adding extra jars.

2回答
0
承認された回答

Hi,

Which language are you using, and from where are you planning to call the AWS Secret Manager API ?

You can sign you own request and directly call the GetSecretValue API action.

But keep in mind that you will then need to maintain this part of code and make sure that you are handling credentials discovery and usage properly.

profile pictureAWS
回答済み 1年前
profile picture
エキスパート
レビュー済み 1年前
  • Hi, I am using Java with Micronaut. In the article "sign you own request" the below line is mentioned in step 5: Credential=AKIAIOSFODNN7EXAMPLE/20220830/us-east-1/ec2/aws4_request, what does "AKIAIOSFODNN7EXAMPLE" signifies? Is there any recommended way to add this piece of information to the Micronaut application without any hard coding?

  • You should rely on an IAM instance profile to get temporary credentials if your application is running on an EC2 instance.

    But again, the role of the SDK is to abstract and simplify this process and I would recommend using it. Do you have any specific size constraints that make the size of the SDK such an important factor ?

0

If using lambdas, you can consider using Parameter and Secrets lambda layer which allows you to cache secrets in lambda side: https://aws.amazon.com/blogs/compute/using-the-aws-parameter-and-secrets-lambda-extension-to-cache-parameters-and-secrets/

profile picture
エキスパート
回答済み 1年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ