我的书签
添加书签
移除书签AWS Secrets Manager
Detailed information on the decret store component
Component format
To setup AWS Secrets Manager secret store create a component of type secretstores.aws.secretmanager. See this guide on how to create and apply a secretstore configuration. See this guide on referencing secrets to retrieve and use the secret with Dapr components.
See Authenticating to AWS for information about authentication-related attributes.
apiVersion: dapr.io/v1alpha1kind: Componentmetadata:name: awssecretmanagernamespace: defaultspec:type: secretstores.aws.secretmanagerversion: v1metadata:- name: regionvalue: "[aws_region]"- name: accessKeyvalue: "[aws_access_key]"- name: secretKeyvalue: "[aws_secret_key]"- name: sessionTokenvalue: "[aws_session_token]"
Warning
The above example uses secrets as plain strings. It is recommended to use a local secret store such as Kubernetes secret store or a local file to bootstrap secure key storage.
Spec metadata fields
| Field | Required | Details | Example |
|---|---|---|---|
| region | Y | The specific AWS region the AWS Secrets Manager instance is deployed in | “us-east-1” |
| accessKey | Y | The AWS Access Key to access this resource | “key” |
| secretKey | Y | The AWS Secret Access Key to access this resource | “secretAccessKey” |
| sessionToken | N | The AWS session token to use | “sessionToken” |
Create an AWS Secrets Manager instance
Setup AWS Secrets Manager using the AWS documentation: https://docs.aws.amazon.com/secretsmanager/latest/userguide/tutorials_basic.html.
Related links
- Secrets building block
- How-To: Retrieve a secret
- How-To: Reference secrets in Dapr components
- Secrets API reference
- Authenticating to AWS
Last modified February 18, 2022: Update setup-jetstream.md (#2200) (428d8c2)
