AWS Secrets: Configure role-based authentication
Overview
Role-based authentication is required for Amazon Elastic Compute Cloud (Amazon EC2).
With role-based authentication, a default configuration with the alias DEFAULT_AWS
is provided.
To use role-based authentication, set up the SnapLogic account using an expression that calls secrets.read
with this alias.
- AWS IAM permissions to create roles
- A SnapLogic Groundplex in an AWS EC2 instance
- The EC2 instance and the Secrets Manager must be in the same AWS region.
- Permissions to update the Groundplex nodes
- In AWS Identity and Access Management (IAM), set up policies and a role.
- Configure the EC2 instance that hosts your SnapLogic Groundplex.
- Associate the new role with your EC2 instance.
- Enable the Instance Metadata Service for your EC2 instance.
- Configure dynamic SnapLogic accounts to connect to AWS Secrets Manager and to authenticate.