AWS Secret Service

The AWS Secret Service provides an integration with the <a href="https://aws.amazon.com/secrets-manager/" target="_blank" link-data="{"cms.site.owner":{"_ref":"0000017a-e99b-d9c6-a5fa-eddf364e0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30006"},"cms.content.publishDate":1683549086251,"cms.content.publishUser":{"_ref":"00000179-3cab-da41-a97d-7daf3dda0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"cms.content.updateDate":1683549086251,"cms.content.updateUser":{"_ref":"00000179-3cab-da41-a97d-7daf3dda0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"rekognitionVideo.timeFrameMetadata":[],"link":{"rekognitionVideo.timeFrameMetadata":[],"target":"NEW","attributes":[],"url":"https://aws.amazon.com/secrets-manager/","_id":"00000187-fb58-dba0-a5c7-ff5855220000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ed00010"},"linkText":"AWS Secrets Manager","theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:link:Link.hbs.linkStyle":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs.enhancementAlignment":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:link:Link.hbs._template":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:link:Link.hbs._preset":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs._preset":null,"_id":"00000187-fb58-dba0-a5c7-ff58550d0000","_type":"00000162-ab56-d787-af72-fb57299f0000"}">AWS Secrets Manager service for securely storing secrets. <h2 data-state="{"cms.site.owner":{"_ref":"0000017a-e99b-d9c6-a5fa-eddf364e0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30006"},"cms.content.publishDate":1683549345938,"cms.content.publishUser":{"_ref":"00000179-3cab-da41-a97d-7daf3dda0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"cms.content.updateDate":1683549345938,"cms.content.updateUser":{"_ref":"00000179-3cab-da41-a97d-7daf3dda0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"rekognitionVideo.timeFrameMetadata":[],"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs.enhancementAlignment":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs._preset":null,"_id":"00000187-fb5c-d85d-a3ff-ffdf54140000","_type":"45fe84ac-6709-39c0-bdaa-04029f434665"}">Configuration First, ensure that the com.psddev:aws-secret dependency is included in your project’s build.gradle file. Configuration of the AWS Secret Service is done via environment variables, typically in your Tomcat context.xml file. The key and respective values are described in the table below: Key Value brightspot/cms/defaultSecretService The name of the default secret service. This is used in other keys below and is designated as {name} . brightspot/cms/secretService/{name}/class com.psddev.aws.secret.AwsSecretService brightspot/cms/secretService/{name}/prefix (Optional) A prefix value to apply to all key names in AWS Secret Manager. This could be useful if you want to namespace all keys coming from <bsp-snippet data-snippet-state="{"cms.site.owner":{"_ref":"0000017a-e99b-d9c6-a5fa-eddf364e0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30006"},"cms.content.publishDate":1683653701578,"cms.content.publishUser":{"_ref":"00000171-7e3f-db90-a57b-7ebfd55a0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"cms.content.updateDate":1683653701578,"cms.content.updateUser":{"_ref":"00000171-7e3f-db90-a57b-7ebfd55a0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"rekognitionVideo.timeFrameMetadata":[],"snippet":{"_ref":"0000017b-64ac-d86b-a77f-6dad65240000","_type":"d2a205aa-dd4d-3a6e-acf9-d4f7609d4d35"},"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs.enhancementAlignment":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs._preset":null,"_id":"00000188-0194-d325-abee-b3bda8cc0000","_type":"968481a3-3236-3bd5-82c4-ba78207b9d17"}"> with some prefix value to more easily identify them. The AWS Secrets Service uses the <a href="https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html" target="_blank" link-data="{"cms.site.owner":{"_ref":"0000017a-e99b-d9c6-a5fa-eddf364e0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30006"},"cms.content.publishDate":1683549796810,"cms.content.publishUser":{"_ref":"00000179-3cab-da41-a97d-7daf3dda0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"cms.content.updateDate":1683549796810,"cms.content.updateUser":{"_ref":"00000179-3cab-da41-a97d-7daf3dda0000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ee30018"},"rekognitionVideo.timeFrameMetadata":[],"link":{"rekognitionVideo.timeFrameMetadata":[],"target":"NEW","attributes":[],"url":"https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html","_id":"00000187-fb63-d325-abe7-fbfb2e770000","_type":"0000015d-56b9-d2db-a5dd-f6fd6ed00010"},"linkText":"Default AWS Credentials Provider Chain","theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:link:Link.hbs.linkStyle":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs.enhancementAlignment":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:link:Link.hbs._template":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:link:Link.hbs._preset":null,"theme.0000017a-e99c-d9c6-a5fa-eddf027f0000.:core:enhancement:Enhancement.hbs._preset":null,"_id":"00000187-fb63-d325-abe7-fbfb2e620000","_type":"00000162-ab56-d787-af72-fb57299f0000"}">Default AWS Credentials Provider Chain to obtain AWS credentials for the AWS Secret Manager API. This system looks for credentials in a chain of locations including environment variables, system properties, and local credential files. AWS credentials must be provided in one of these locations for the AWS Secrets Service to function.

Key	Value
`brightspot/cms/defaultSecretService`	The name of the default secret service. This is used in other keys below and is designated as `{name}`.
`brightspot/cms/secretService/{name}/class`	`com.psddev.aws.secret.AwsSecretService`
`brightspot/cms/secretService/{name}/prefix`	(Optional) A prefix value to apply to all key names in AWS Secret Manager. This could be useful if you want to namespace all keys coming from Brightspot with some prefix value to more easily identify them.