aws-secrets-manager

How to verify the Secrets Manager credential rotation is successful

为君一笑 submitted on 2020-08-25 06:12:31
Question: I enabled the rotation and checked the Lambda function logs; there is no error, everything looks fine. But I retrieved the secret in the Secrets Manager console, and it's still the old password. I don't know what's going on. In AWS CLI:
aws secretsmanager list-secret-version-ids --secret-id xxx
Output:
{ "Versions": [ { "VersionId": "4********2f", "VersionStages": [ "AWSPREVIOUS" ], "LastAccessedDate": 1580428800.0, "CreatedDate": 1580484370.988 }, { "VersionId": "9********69", "VersionStages": [

How to store certificate as a secret in AWS secret manager ? How to pass that secret in https call using AWS appSync resolver?

一个人想着一个人 submitted on 2020-07-22 21:38:38
Question: I need to get elements from AWS DynamoDB and a third-party HTTPS service, merge those results in AWS AppSync, and send back the result as a GraphQL response. The third-party service I am using expects a client-side certificate. I am not finding proper AWS documents on how to pass an agent using an AWS AppSync resolver. I am also not finding documents on how to store a certificate as a secret in AWS Secrets Manager. Has anyone faced a similar problem? Or do you guys have any solution to it? Answer 1: It depends on

How to store certificate as a secret in AWS secret manager ? How to pass that secret in https call using AWS appSync resolver?

梦想与她 submitted on 2020-07-22 21:38:28
Question: I need to get elements from AWS DynamoDB and a third-party HTTPS service, merge those results in AWS AppSync, and send back the result as a GraphQL response. The third-party service I am using expects a client-side certificate. I am not finding proper AWS documents on how to pass an agent using an AWS AppSync resolver. I am also not finding documents on how to store a certificate as a secret in AWS Secrets Manager. Has anyone faced a similar problem? Or do you guys have any solution to it? Answer 1: It depends on

Trouble updating IAM to allow AWS Glue to the AWS Secrets Manager

倖福魔咒の submitted on 2020-07-10 09:56:07
Question: I am working on a project that requires that an AWS Glue Python script access the AWS Secrets Manager. I tried giving Glue permissions to do this via IAM, but I don't see how; I can see the permissions strings showing that Lambda has access but I don't see a way to edit them. I tried creating a new role that had the right permissions but when I went to attach it, it seemed to have disappeared ... My fallback workaround is to grab the secret via a tiny Lambda and xfer it via S3 to Glue ... but

How to configure credential rotation in AWS Secret Manager?

非 Y 不嫁゛ submitted on 2020-02-05 04:26:16
Question: I read this article about how to implement the credential rotation. I know I could just configure this in the 'Edit rotation configuration' option, but the thing is my current secret is in use, and I notice that it says 'Enable automatic rotation - Recommended when your applications are not using this secret yet'. How can I enable the rotation then? My database is using the RDS Aurora MySQL engine and I want it to rotate every 7 days. I also read this document, does it mean I must have an IAM role

Question about Lambda execution role when configuring credential rotation for Secret Manager

久未见 submitted on 2020-02-04 05:30:05
Question: I created a rotation function manually and linked it to Secret Manager. I've managed to enable the rotation, but when I checked the logs in CloudWatch for this rotation Lambda, it is showing me an error: [ERROR] ClientError: An error occurred (AccessDeniedException) when calling the DescribeSecret operation: User: arn:awsxxxxxxx:assumed-role/xxxxx-lambda-exec-role/ MyLambdaName is not authorized to perform: secretsmanager:DescribeSecret on resource: MysecretARN I know something is wrong with my