Configure role-based authentication
Overview
An IAM role is an identity with permission policies. AWS Secrets Manager role-based authentication requires that you run Groundplex nodes on Amazon Elastic Compute Cloud (Amazon EC2) and that Secrets Manager is in the same AWS region as those instances. A single role can grant access to multiple secrets.
To use role-based authentication:
- Without restricting secrets to Snap accounts in a specific SnapLogic Project Space or project, set up your Snap accounts using an expression that calls secrets.read with the alias DEFAULT_AWS.
- Restrict secrets use to Snap accounts in a SnapLogic Project Space or project with a secrets-config.json node configuration file.
- An AWS account with permissions to create IAM roles.
- SnapLogic Groundplex nodes deployed in AWS EC2 instances.
- The EC2 instances and the AWS Secrets Manager must be in the same AWS region.
- Permissions to access, update, and restart the Groundplex nodes.
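
Because one role can grant access to multiple secrets, it is worth checking the role's permission policy before attaching it to the Groundplex EC2 instances. The following is an added example, not SnapLogic or AWS code: it flags statements that allow reading secrets through wildcards or from a region other than the nodes' region. It assumes the role reads secrets with the secretsmanager:GetSecretValue action; the policy, account ID, regions and secret names are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample policy for illustration: the account ID, regions and
# secret names are placeholders, not values from any real deployment.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": "secretsmanager:GetSecretValue",
   "Resource": [
     "arn:aws:secretsmanager:us-east-1:111122223333:secret:snap/db-password-*",
     "arn:aws:secretsmanager:eu-west-1:111122223333:secret:snap/api-key-*"]},
  {"Effect": "Allow", "Action": "secretsmanager:*", "Resource": "*"}
]}
""")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_policy(policy, node_region):
    """Return (statement_index, finding) pairs; NotAction/NotResource are not evaluated."""
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        # IAM action names are case-insensitive and may contain wildcards.
        if not any(fnmatchcase("secretsmanager:getsecretvalue", a) for a in actions):
            continue
        if any(a in ("*", "secretsmanager:*") for a in actions):
            findings.append((idx, "wildcard action"))
        for res in _as_list(stmt.get("Resource", [])):
            parts = res.split(":", 6)  # arn:partition:service:region:account:secret:name
            scoped = (len(parts) == 7 and parts[2] == "secretsmanager"
                      and parts[6] not in ("", "*"))
            if not scoped:
                findings.append((idx, f"resource not scoped to named secrets: {res}"))
            elif parts[3] != node_region:
                findings.append((idx, f"secret outside node region {node_region}: {res}"))
    return findings

if __name__ == "__main__":
    for index, finding in audit_policy(SAMPLE_POLICY, "us-east-1"):
        print(f"Statement {index}: {finding}")
```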