The private/public key pairs used by Blackbox can be stored in and retrieved from a key vault, preventing the need to store the keys locally.
This page details how to set up and configure an AWS Secrets Manager for use with Blackbox.
The AWS Secrets Manager documentation provides much of the information needed to get started. The information in this section has been taken from the following pages of the AWS documentation:
Creating the AWS Secrets Manager
Once you have set up your AWS profile, you will be able to use AWS Secrets Manager.
Enabling Blackbox to use the AWS Secrets Manager
Environment Variables
If using an AWS Secrets Manager, configuration credentials can be provided in many ways as outlined in the AWS docs - Supplying and Retrieving AWS Credentials.
To use environment variables set the following:
AWS_REGION
: region_to_connect_to (i.e. us-west-2)AWS_ACCESS_KEY_ID
: your_access_key_idAWS_SECRET_ACCESS_KEY
: your_secret_access_key
The AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
for a particular user can be retrieved from the AWS IAM Management Console.
Dependencies
The AWS Secrets Manager dependencies are included in the Blackbox-app-<version>-app.jar
. If using the Blackbox-simple-<version>-app.jar
then aws-key-vault-<version>-all.jar
must be added to the classpath.