Aws Secrets Manager Trait
The Secrets Manager trait can be used to use secrets from AWS Secrets Manager
The AWS Secrets Manager trait is disabled by default.
For more information about how to use secrets from AWS Secrets Manager take a look at the components docs: AWS Secrets Manager component
A sample execution of this trait, would require the following trait options: -t aws-secrets-manager.enabled=true -t aws-secrets-manager.access-key="aws-access-key" -t aws-secrets-manager.secret-key="aws-secret-key" -t aws-secrets-manager.region="aws-region"
To enable the automatic context reload on secrets updates you should define the following trait options: -t aws-secrets-manager.enabled=true -t aws-secrets-manager.access-key="aws-access-key" -t aws-secrets-manager.secret-key="aws-secret-key" -t aws-secrets-manager.region="aws-region" -t aws-secrets-manager.context-reload-enabled="true" -t aws-secrets-manager.refresh-enabled="true" -t aws-secrets-manager.refresh-period="30000" -t aws-secrets-manager.secrets="test*"
This trait is available in the following profiles: Kubernetes, Knative, OpenShift.
Configuration
Trait properties can be specified when running any integration with the CLI:
$ kamel run --trait aws-secrets-manager.[key]=[value] --trait aws-secrets-manager.[key2]=[value2] integration.yaml
The following configuration options are available:
Property | Type | Description |
---|---|---|
|
| Can be used to enable or disable a trait. All traits share this common property. |
|
| Enables automatic configuration of the trait. |
|
| The AWS Access Key to use. This could be a plain text or a configmap/secret The content of the aws access key is expected to be a text containing a valid AWS access key. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = aws-access-key). |
|
| The AWS Secret Key to use. This could be a plain text or a configmap/secret The content of the aws secret key is expected to be a text containing a valid AWS secret key. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = aws-secret-key). |
|
| The AWS Region to use |
|
| Define if we want to use the Default Credentials Provider chain as authentication method |
|
| Define if we want to use the Camel Context Reload feature or not |
|
| Define if we want to use the Refresh Feature for secrets |
|
| If Refresh is enabled, this defines the interval to check the refresh event |
|
| If Refresh is enabled, the regular expression representing the secrets we want to track |