This component deploys a SecretManagerClient java cli tool that can be used by other components to retrieve secrets that have been synchronized locally to the Greengrass core via the aws.greengrass.SecretManager component.
This component does not perform any processing on its own and only deploys the executable. You need to invoke the executable from another component which you made dependent on aws.greengrass.labs.SecretsManagerClient by executing:
java -jar
{aws.greengrass.labs.SecrectsManagerClient:artifacts:path}/secrets.jar
<secretId>
To allow the component using the SecretManagerClient to access the secret, you need to add an accessControl section in the Retrieve Secret Values. Refer also to the Requirements for the necessary authorization policies to be added to the Greengrass Token Exchange Role.
For example, the recipe of a component using SecretsManagerClient would look like:
RecipeFormatVersion: 2020-01-25
...
ComponentDependencies:
aws.greengrass.labs.SecretsManagerClient:
VersionRequirement: ">0.0.0"
ComponentConfiguration:
DefaultConfiguration:
username: "test"
accessControl:
aws.greengrass.SecretManager:
auth-1:
operations:
- aws.greengrass#GetSecretValue
resources:
- "*"
Manifests:
- Lifecycle:
Startup:
Script: |-
PWD=$(java -jar {aws.greengrass.labs.SecretsManagerClient:artifacts:path}/secrets.jar aws.greengrass.labs.nodered/{configuration:/username})
...To install this component follow the instructions in BUILD.md
This component has the following versions:
- 1.0.0
This component is a generic component. The Greengrass nucleus runs the component's lifecycle scripts.
For more information, see component types
This component does not have any additional requirements to Greengrass Nucleus.
When you deploy a component, AWS IoT Greengrass also deploys compatible versions of its dependencies. This means that you must meet the requirements for the component and all of its dependencies to successfully deploy the component. This section lists the dependencies for the released versions of this component and the semantic version constraints that define the component versions for each dependency. You can also view the dependencies for each version of the component in the AWS IoT Greengrass console. On the component details page, look for the Dependencies list.
| Dependency | Compatible versions | Dependency type |
|---|---|---|
| Secret Manger | >=0.0.0 <3.0.0 | Soft |
This component does not have any configuration
This component does not generate any log. You can find log entries in the log file of the component using it.
The following table describes the changes in each version of the component.
| Version | Changes |
|---|---|
| 1.0.0 | Initial version |
No requirements.
| Name | Version |
|---|---|
| aws | 5.39.1 |
| null | 3.2.2 |
| Name | Source | Version |
|---|---|---|
| component_bucket | terraform-aws-modules/s3-bucket/aws | 3.15.1 |
| Name | Type |
|---|---|
| null_resource.build_and_publish | resource |
| aws_availability_zones.available | data source |
| aws_caller_identity.current | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| component_version | n/a | string |
"1.0.0" |
no |
No outputs.