aws secrets manager sink AWS Secrets Manager Sink

Provided by: "Apache Software Foundation"

Support Level for this Kamelet is: "Stable"

Create a secret in AWS Secrets Manager.

Access Key/Secret Key are the basic method for authenticating to the AWS Secrets Manager Service. These parameters are optional, because the Kamelet provide also the 'useDefaultCredentialsProvider'.

When using a default Credentials Provider the Secrets Manager client will load the credentials through this provider and won’t use the static credential. This is reason for not having the access key and secret key as mandatory parameter for this Kamelet.

The Kamelet expects the following headers to be set:

  • secret-name / ce-secret-name: as the secret name to create.

If the header won’t be set the exchange ID will be used as secret name.

Configuration Options

The following table summarizes the configuration options available for the aws-secrets-manager-sink Kamelet:

Property Name Description Type Default Example

region

AWS Region

Required The AWS region to connect to.

Enum values:

* af-south-1 * ap-east-1 * ap-northeast-1 * ap-northeast-2 * ap-northeast-3 * ap-south-1 * ap-southeast-1 * ap-southeast-2 * ap-southeast-3 * ca-central-1 * eu-central-1 * eu-north-1 * eu-south-1 * eu-west-1 * eu-west-2 * eu-west-3 * fips-us-east-1 * fips-us-east-2 * fips-us-west-1 * fips-us-west-2 * me-south-1 * sa-east-1 * us-east-1 * us-east-2 * us-west-1 * us-west-2 * cn-north-1 * cn-northwest-1 * us-gov-east-1 * us-gov-west-1 * us-iso-east-1 * us-iso-west-1 * us-isob-east-1

string

eu-west-1

accessKey

Access Key

The access key obtained from AWS.

string

secretKey

Secret Key

The secret key obtained from AWS.

string

useDefaultCredentialsProvider

Default Credentials Provider

Set whether the Secrets Manager client should expect to load credentials through a default credentials provider or to expect static credentials to be passed in.

boolean

false

Dependencies

At runtime, the aws-secrets-manager-sink Kamelet relies upon the presence of the following dependencies:

  • camel:core

  • camel:aws-secrets-manager

  • camel:kamelet

Usage

This section describes how you can use the aws-secrets-manager-sink.

Knative sink

You can use the aws-secrets-manager-sink Kamelet as a Knative sink by binding it to a Knative object.

aws-secrets-manager-sink-binding.yaml
apiVersion: camel.apache.org/v1alpha1
kind: KameletBinding
metadata:
  name: aws-secrets-manager-sink-binding
spec:
  source:
    ref:
      kind: Channel
      apiVersion: messaging.knative.dev/v1
      name: mychannel
  sink:
    ref:
      kind: Kamelet
      apiVersion: camel.apache.org/v1alpha1
      name: aws-secrets-manager-sink
    properties:
      region: eu-west-1

Prerequisite

You have Camel K installed on the cluster.

Procedure for using the cluster CLI

  1. Save the aws-secrets-manager-sink-binding.yaml file to your local drive, and then edit it as needed for your configuration.

  2. Run the sink by using the following command:

    kubectl apply -f aws-secrets-manager-sink-binding.yaml

Procedure for using the Kamel CLI

Configure and run the sink by using the following command:

kamel bind aws-secrets-manager-sink -p "sink.region=eu-west-1" channel:mychannel

This command creates the KameletBinding in the current namespace on the cluster.

Kafka sink

You can use the aws-secrets-manager-sink Kamelet as a Kafka sink by binding it to a Kafka topic.

aws-secrets-manager-sink-binding.yaml
apiVersion: camel.apache.org/v1alpha1
kind: KameletBinding
metadata:
  name: aws-secrets-manager-sink-binding
spec:
  source:
    ref:
      kind: KafkaTopic
      apiVersion: kafka.strimzi.io/v1beta1
      name: my-topic
  sink:
    ref:
      kind: Kamelet
      apiVersion: camel.apache.org/v1alpha1
      name: aws-secrets-manager-sink
    properties:
      region: eu-west-1

Prerequisites

  • You’ve installed Strimzi.

  • You’ve created a topic named my-topic in the current namespace.

  • You have Camel K installed on the cluster.

Procedure for using the cluster CLI

  1. Save the aws-secrets-manager-sink-binding.yaml file to your local drive, and then edit it as needed for your configuration.

  2. Run the sink by using the following command:

    kubectl apply -f aws-secrets-manager-sink-binding.yaml

Procedure for using the Kamel CLI

Configure and run the sink by using the following command:

kamel bind aws-secrets-manager-sink -p "sink.region=eu-west-1" kafka.strimzi.io/v1beta1:KafkaTopic:my-topic

This command creates the KameletBinding in the current namespace on the cluster.