Secrets Management with AWS Secrets Manager

SnapLogic Secrets Management supports AWS Secrets Manager using role or key-based authentication.

SnapLogic Secrets Management supports AWS Secrets Manager using a Groundplex with:
Both authentication types can be configured for the same Groundplex. The alias parameter passed to secrets.read in endpoint accounts determines which authentication type will be used:
  • For role-based authentication, if you set the alias to DEFAULT_AWS, a custom secrets-config.json file isn't required. However, if you want to restrict use of secrets to a specific SnapLogic project, you need to supply a secrets-config.json file and use the defined aliases in your Snap accounts.
  • For key-based authentication, set the alias parameter to the name a configuration defined in the secrets-config.json file.
Note:
  • Only accounts with expression-enabled authentication fields work with Secrets Management. Expression-enabled fields have an expression button, .
  • Restart each Groundplex node after creating or updating the secrets-config.json file.

The request Authorization header contains the secret. Because REST Snaps can preview a complete request, you might want to limit access to resources that use secrets.