0

Is there a way to retrieve a secret from the AWS secret store using DefaultAWSCredentialsProviderChain java class?

If not please suggest a way to retrieve it? (I need this in the context of doing signature V4 signing the request to connect with AWS Neptune. For signature signing, I am using this example. But my secrets are in AWS secret manager, So How can I retrieve the secret from the secret store with DefaultAWSCredentialsProviderChain)

harish chava
  • 252
  • 2
  • 19

2 Answers2

1

I'm not sure if Secrets Manager exposes a AWSCredentialsProvider interface, but even if they don't support one, it should be easy to write something up.

Here is a sample implementation that uses the Secrets Manager APIs to expose a credentials provider implmentation:

https://github.com/jenkinsci/aws-secrets-manager-credentials-provider-plugin/blob/0e12e02a759d13524ed7f5cd0125ef6eab47ff7d/src/main/java/io/jenkins/plugins/credentials/secretsmanager/AwsCredentialsProvider.java

Once you have something like this, just make sure you pass it to the SigV4Signer that you use in your application.

Reference: https://github.com/aws/amazon-neptune-sigv4-signer/blob/master/src/main/java/com/amazonaws/neptune/auth/NeptuneSigV4SignerBase.java#L77-L86

Hope this helps.

The-Big-K
  • 2,672
  • 16
  • 35
0

It is possible with aws secretsmanager

Use these docs

Asfar Irshad
  • 658
  • 1
  • 4
  • 20
  • How can I use it while doing signature V4 signing in an above-mentioned link? – harish chava Feb 27 '20 at 08:46
  • In the link signature is signed using the AWSCredentialsProvider interface, I am trying to use the same interface for retrieving the secrets from secret manager store and sign it. – harish chava Feb 27 '20 at 08:51