So, is there a way to access a secret from AWS Secrets Manager by using temporary credentials from AWS STS AssumeRole? I can see a lot of examples where this is used for establishing an S3 connection; is the same possible for Secrets Manager?
-
What exactly is your issue? It doesn't matter which AWS API the client is calling (S3 or Secrets Manager) until the assumed role has permission to call the service. – gusto2 Nov 16 '20 at 10:22
-
What @gusto2 is saying is that you can call any AWS API with assumed role credentials. Just follow the example you have for S3 but using Secrets Manager instead. – JoeB Nov 17 '20 at 06:13
-
Sorry, let me rephrase the issue - my use case is to fetch the secrets from 'outside' the AWS cluster, i.e. a third-party app that will assume the role created for them and try to fetch the secrets. Is this even possible? Or does the call need to happen from within the AWS cluster or from another account? – cheeepdeep Nov 17 '20 at 07:49
-
Did you ever figure out the answer to your question? I'm curious as I'm looking to do something very similar. Thanks – Payam Chychi Jan 31 '21 at 08:49
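
Added example, not part of the question or the comments: the S3 pattern applied to Secrets Manager with boto3, passing the AssumeRole credentials to a `secretsmanager` client. The role ARN, secret name, session name and function names are hypothetical placeholders, and the sketch assumes the caller already holds AWS credentials that the role's trust policy allows to call `sts:AssumeRole`.

```python
# Constructed placeholders (assumptions, not values from the page).
ROLE_ARN = "arn:aws:iam::111122223333:role/ExampleSecretsReader"
SECRET_ID = "example/app/config"


def read_secret_via_role(sts, make_client, role_arn, secret_id,
                         external_id=None, region="us-east-1"):
    """Assume role_arn, then read secret_id with the temporary credentials.

    sts is an STS client and make_client is a client factory such as
    boto3.client; both are injected so the flow can be exercised offline.
    """
    params = {"RoleArn": role_arn,
              "RoleSessionName": "secrets-reader",  # shows up in CloudTrail
              "DurationSeconds": 900}               # shortest lifetime STS allows
    if external_id:  # shared value the role's trust policy can require
        params["ExternalId"] = external_id
    creds = sts.assume_role(**params)["Credentials"]

    # Same pattern as the S3 examples: hand all three values to the client.
    sm = make_client(
        "secretsmanager", region_name=region,
        aws_access_key_id=creds["AccessKeyId"],
        aws_secret_access_key=creds["SecretAccessKey"],
        aws_session_token=creds["SessionToken"],
    )
    resp = sm.get_secret_value(SecretId=secret_id)
    # A secret version holds either text or bytes.
    return resp["SecretString"] if "SecretString" in resp else resp["SecretBinary"]


def least_privilege_policy(secret_arn):
    """Permissions policy for the role: read one secret and nothing else."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow",
        "Action": "secretsmanager:GetSecretValue",
        "Resource": secret_arn}]}


if __name__ == "__main__":
    import boto3  # the caller's own AWS credentials sign the AssumeRole call
    print(read_secret_via_role(boto3.client("sts"), boto3.client,
                               ROLE_ARN, SECRET_ID))
```

Where the caller runs does not change the calls; what matters is that its identity is named in the role's trust policy and that the role's permissions policy allows `secretsmanager:GetSecretValue` on the secret.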