Secrets Management with AWS Secrets Manager
aliasparameter passed to
secrets.readin an expression in the account.
- Role-based authentication is used if the
aliasparameter is set to
DEFAULT_AWS. A custom secrets-config.json file is not required.
- Key-based authentication is used if the
aliasparameter is set to the name of any configuration defined in the custom secrets-config.json file.
- Only dynamic account types, those with expression-enabled fields, work with a secrets manager. If the account type you need is not dynamic, contact your CSM.
- To pick up changes to the secret-config.json file, you must restart the Snaplex node by restarting the JCC service.
If a user has access to the secrets, the secrets can be viewed in REST Snap previews and in responses.