Reputation: 19
Pentaho and AWS Secrets Manager
Iwould like to keep passwords to databases in AWS Secrets Manager and be able to use them by jobs running from Pentaho (PDI) which is installed on AWS EC2 instance.
What will be the best way to build such solution? I don't really want to keep the passwords on the EC2 instance.
Regards, Rafal
Upvotes: 0
Views: 459
Answers (2)
Reputation: 2059
Currently, authentication with AWS Secrets Manager requires the submission of AWS Signature Version 4, the method of calculating it is described here: Calculate the signature for AWS Signature Version 4
Unfortunately, the REST Client component does not support AWS authentication and signature calculation, so that separate components would be needed to calculate it or you can do it using ready-made libraries, e.g. Python boto3.
To connect to AWS Secrets Manager, you can use a ready-made Boto3 library in Python and use it in the Python Executor component in PDI
Upvotes: 1
Reputation: 19
Answering own question, it is possible to use REST API: • AWS > Documentation > AWS Secrets Manager > API Reference https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html GetSecretValue
and using REST Client step in PDI: https://help.hitachivantara.com/Documentation/Pentaho/9.3/Products/REST_Client
Upvotes: 0
Related Questions
- AWS Elastic Beanstalk and Secret Manager
- Create secrets in AWS Secrets Manager
- AWS Secrets Manager can’t find the specified secret
- Terraform and AWS secrets
- aws - secrets manager - how to secure secrets when I want to access from ec2?
- AWS Secrets Manager without setsecret or testsecret
- Setting up AWS Secrets Manager .Net Core
- AWS CLI Secrets Manager Create Secret
- Managing secrets with aws cli register task definition
- AWS Secrets manager-SDK using python