Creating Secrets in AWS Secret Store
AWS Secret Store
The Apono Connector uses the the AWS Secret Store to connect to resource integration without storing any secrets .
Create a new secret for Apono
You can choose to use your CLI or Terraform
CLI
- replace
#REGION
,#SECRET_NAME
,#USERNAME
and#PASSWORD
aws secretsmanager create-secret --name "#SECRET_NAME" --tags '[{"Key":"apono-connector-read","Value":"true"}]' --region #REGION --secret-string '{
"username":"'"#USERNAME"'",
"password":"'"#PASSWORD"'"
}'
Terraform
- required providers:
aws
- replace
#SECRET_NAME
,#USERNAME
and#PASSWORD
resource "aws_secretsmanager_secret" "#SECRET_NAME" {
name = "#SECRET_NAME"
// this tag allows apono connector role to read the secret with predefined policy
tags = {
"apono-connector-read" = "true"
}
}
resource "aws_secretsmanager_secret_version" "#SECRET_NAME" {
secret_id = aws_secretsmanager_secret.#SECRET_NAME.id
secret_string = jsonencode({
username = "#USERNAME",
password = "#PASSWORD",
})
}
Use an existing secret
If you prefer to use an existing secret, just add the following tag to the secret so the apono-connector could use it.
- tag-name:
apono-connector-read
, value:true
Give Apono the Secret ID in the relevant integration

The secret is accessible only from the Connector in your environment
Updated about 1 month ago