You are viewing version v2.0-2.19 of the documentation, which is no longer maintained. For up-to-date documentation, see the latest version.
Secrets with AWS Secrets Manager
You can configure AWS Secrets Manager as a secrets engine for Spinnaker. For information about how to set up AWS Secrets Manager, see the AWS documentation.
Referencing secrets stored in AWS Secrets Manager
You can reference a KeyStore or KeyStore password stored in AWS Secrets Manager. Based on which type of secret you want to reference, use one of the following formats:
Keystore
keyStore: encryptedFile:secrets-manager!r:<some region>!s:<secret name>
Keystore password
keyStorePassword: encrypted:secrets-manager!r:<some region>!s:<secret name>!k:some-key
- encryptedFile or encrypted - Required. Indicates that this is an encrypted file or an encrypted string, respectively.
- secrets-manager - Required. Indicates that secrets are stored in AWS Secrets Manager.
- ! - Required. Delimiter between parameters.
- r:<AWS region> - Required. The AWS region your secret is stored in. For example, use r:us-west-2 for a secret stored in the us-west-2 region.
- s:<Secret name> - Required. The name of the secret stored in AWS Secrets Manager.
- k:<some-key> - Required for encrypted strings. The secret key. Omit for KeyStores.
For example, the following references a KeyStore stored in us-west-2:
encryptedFile:secrets-manager!r:us-west-2!s:dev--cert
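The parameter rules above can be checked before a config is deployed, so a malformed reference is caught in review rather than at service startup. The following lint is an added example, not Spinnaker's own parser; the names `SecretRef` and `parse_secret_ref` are hypothetical, and it assumes the strict reading that `k:` must be absent for `encryptedFile` references.

```python
# Added example: lint secret references against the rules listed on this page.
# Not Spinnaker's parser; SecretRef and parse_secret_ref are hypothetical names.
from dataclasses import dataclass
from typing import Optional

ENGINE = "secrets-manager"


@dataclass(frozen=True)
class SecretRef:
    kind: str            # "encrypted" (string) or "encryptedFile" (file)
    region: str          # value of the r: parameter
    name: str            # value of the s: parameter
    key: Optional[str]   # value of the k: parameter (encrypted strings only)


def parse_secret_ref(value: str) -> SecretRef:
    """Parse a reference; raise ValueError naming the rule that was broken."""
    kind, sep, rest = value.partition(":")
    if not sep or kind not in ("encrypted", "encryptedFile"):
        raise ValueError("must start with 'encrypted:' or 'encryptedFile:'")
    engine, *params = rest.split("!")
    if engine != ENGINE:
        raise ValueError(f"engine must be '{ENGINE}', got '{engine}'")
    fields = {}
    for param in params:
        tag, sep, val = param.partition(":")
        if not sep or tag not in ("r", "s", "k") or not val:
            raise ValueError(f"malformed parameter '{param}'")
        if tag in fields:
            raise ValueError(f"duplicate parameter '{tag}:'")
        fields[tag] = val
    for tag in ("r", "s"):
        if tag not in fields:
            raise ValueError(f"missing required parameter '{tag}:'")
    if kind == "encrypted" and "k" not in fields:
        raise ValueError("encrypted strings require 'k:<key>'")
    if kind == "encryptedFile" and "k" in fields:
        raise ValueError("omit 'k:' for encryptedFile (KeyStore) references")
    return SecretRef(kind, fields["r"], fields["s"], fields.get("k"))


if __name__ == "__main__":
    # Constructed sample: the KeyStore reference shown on this page.
    print(parse_secret_ref("encryptedFile:secrets-manager!r:us-west-2!s:dev--cert"))
```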
Last modified June 22, 2020: docs(secrets): aws secrets manager (#78) (9f0aa4f)