Skip to main content

Configure AWS Secrets Manager

You can configure an AWS Secrets Manager to use with Tessera.

The private/public key pairs used by Tessera can be stored in and retrieved from the secrets manager, without the need to store the keys locally.

The AWS Secrets Manager documentation provides the information you need to get started.

Access the AWS Secrets Manager

You need an AWS profile to use AWS Secrets Manager.

Enable Tessera to use the AWS Secrets Manager

You can provide AWS Secrets Manager configuration credentials in many ways.

To use environment variables, set the following:

  1. AWS_REGION - region to connect to (for example, us-west-2)
  2. AWS_ACCESS_KEY_ID - your access key ID
  3. AWS_SECRET_ACCESS_KEY - your secret access key

You can get the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY for a particular user from the AWS IAM Management Console.

Dependencies

Unpack aws-key-vault-<version>.zip|tar and cp aws-key-vault-<version>/lib/* tessera-dist/lib/.