API7 Enterprise v3.2.16.3 Integrates with AWS Secrets Manager
November 7, 2024
In API7 Enterprise v3.2.16, we have officially introduced the secret providers. This feature is designed to allow sensitive information stored in external Secret management services to be referenced as variables within API7 Enterprise, thereby enhancing system security. In version v3.2.16.1, integration with HashiCorp Vault was implemented, and in the current update, support for AWS Secrets Manager has been added.
How to Integrate with AWS Secrets Manager?
1. Adding a Secret Provider
In the API7 dashboard, select AWS Secrets Manager as the secret manager and fill in the corresponding configuration details.
-
Region
: Specifies the AWS service region, a required parameter when making requests to AWS services, used to determine the exact region where the request is sent. -
Endpoint URL
: If users need to interact with a local development environment, test environment, or other custom AWS deployments, they can specify a custom Endpoint URL to bypass the default regional selection for more flexible access. -
Access Key ID
andSecret Access Key
: These are the AWS user's access credentials used for authentication. -
Session Token
: A short-lived temporary security credential suitable for scenarios requiring temporary access to AWS resources. Users can use it in automation scripts or third-party applications to gain temporary access.
2. Viewing the Secret Provider
Once the secret provider is created, users can view the configuration details and concatenated variables on its detail page.
3. Referencing Secret Variables
After successfully creating the secret provider, users can reference sensitive data stored in external systems in various API7 Enterprise resources as variables. The $secret_name
and $key
within the variable should be replaced with the corresponding secret names and key values to ensure correct data referencing.
Additionally, in non-form pages (such as the plugin editor), users can directly input the value of the secret variable as a string into fields that support Secret references.
For detailed usage instructions on secret providers, please refer to the relatedSecrets Documentation for API7 Enterprise.
Summary
By integrating AWS Secrets Manager, API7 Enterprise provides users with a more secure and efficient secret management solution, helping them better protect sensitive information. The API7 team will continue to monitor user needs and expand the types and functionalities of Secret Providers, offering more diverse and secure secret management services.