Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Is it possible to store DMS Endpoint credentials in HashiCorp Vault

0

I have two AWS DMS endpoints, one connecting to AWS RDS for Oracle and another one to AWS Aurora MySQL. Currently, the login passwords are provided through Terraform in clear text. I wonder if there is a way to store DMS endpoint credentials in Vault. My client prefers Vault to AWS Secrets Manager.

The organization already has Vault secrets set up for applications. I have access to Vault secrets through the web UI, but I have no idea how applications use Vault. I am a DBA. Any advice is appreciated. Thanks.

Gary

Tópicos
Migração e modernização
Tags
Serviço de migração de banco de dados da AWSTerraform
Idioma
English
Gary Y
feita há 7 meses238 visualizações
3 Respostas
0

You can use secrets manager to store the passwords. I have seen customers create their own solution when integrating with Hashicorp vault and syncing the passwords with secrets manager. I don't know if this is possible without some form of engineering to syncronise passwords or using Vault secrets directly.

AWS
Oli
respondido há 7 meses
0

Use terraform to create the AWS secret with no values and set the lifecycle to ignore changes.

Then manually populate the AWS secrect with the username and password.

Here your able to reference the terraform resource in your DMS settings.

profile picture
ESPECIALISTA
Gary Mclean
respondido há 7 meses
0

Oli and Gary Mclean,

Thank you for comment on my question!

Gary

Gary Y
respondido há 7 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante