Configure Snap accounts to use secrets
Overview
Configure Snap accounts to retrieve secrets from your preferred secrets manager. You can enter an expression to retrieve any secret stored in your secrets manager, such as an access token, a username, or a password while configuring dynamic accounts.
To use managed identity-based authentication mode in the Snaps, set up the SnapLogic account using an expression
that calls secrets.read
with the alias name for the secret object.
The request Authorization header
contains the secret.
REST Snaps can preview a complete request.
You might want to limit access to users who have permission to view secrets.
- A SnapLogic project with one or more dynamic accounts (with expression-enabled fields).
- Secrets stored in your chosen secrets manager (For example, AWS Secrets Manager, Azure Key Vault).
The S3 Dynamic Account has several expression-enabled fields, including Access-key ID and Secret Key. You can store the values for these fields in AWS Secrets Manager with role-based authentication.
- Create the secrets in AWS Secrets Manager:
myaccesskey
mysecretkey
- Create or modify an S3 Dynamic Account.
- In the Access-key ID field, click the expression button () and enter
secrets.read("DEFAULT_AWS", "").myaccesskey
. - In the Secret Key field, click the expression button () and enter
secrets.read("DEFAULT_AWS", "").mysecretkey
.
- In the Access-key ID field, click the expression button () and enter