How to store a certificate as a secret in AWS Secrets Manager? How to pass that secret in an HTTPS call using an AWS AppSync resolver?

Bhasam · Apr 9, 2019 · Viewed 7k times

I need to get elements from AWS DynamoDB and a third-party HTTPS service, merge those results in AWS AppSync and send back the result as a GraphQL response.

The third-party service which I am using expects a client-side certificate. I am not finding proper AWS documents on how to pass an agent using an AWS AppSync resolver.

I am also not finding documents on how to store a certificate as a secret in AWS Secrets Manager.

Has anyone faced a similar problem? Or do you guys have any solution to it?

Answer

Ashwin Devendran · Apr 10, 2019

It depends on the size of your certificate: secrets in AWS Secrets Manager have various limits, such as length in bytes (7168 bytes) or characters (4096). See more here:

https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_limits.html

But otherwise you should be able to store your certificate using AWS Secrets Manager.

See item 3 in the following link: https://aws.amazon.com/blogs/compute/maintaining-transport-layer-security-all-the-way-to-your-container-part-2-using-aws-certificate-manager-private-certificate-authority/

Using HTTP resolvers (or even Lambda resolvers), you will be able to make HTTP calls to AWS Secrets Manager to obtain the secret.

See links:

https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-lambda-resolvers.html

https://docs.aws.amazon.com/appsync/latest/devguide/tutorial-http-resolvers.html