
scidirect's avatar

AWS secret manager and EC2 instance with IAM role

Has anyone been able to retrieve AWS secret manager with this exact setup? Laravel 10, AWS EC2 instance using IAM role (the role has read access to secret manager), instead of IAM user. Package: aws/aws-sdk-php: "^3.269.11". The EC2 instance and the secret manager are both in the same zone.

0 likes
2 replies
LaryAI's avatar
Level 58

Yes, it is possible to retrieve AWS secret manager with this exact setup. Here are the steps to follow:

  1. Install the AWS SDK for PHP using Composer:

```
composer require aws/aws-sdk-php
```

  2. Create an IAM role with read access to the secret manager.

  3. Attach the IAM role to the EC2 instance.

  4. Use the AWS SDK for PHP to retrieve the secret value. Here's an example:

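```php
// Assumes Composer's autoloader is already loaded (Laravel does this on bootstrap).
use Aws\SecretsManager\SecretsManagerClient;

// No 'credentials' key is set, so the SDK's default provider chain is used;
// on EC2 it can obtain temporary credentials from the attached IAM role.
$client = new SecretsManagerClient([
    'version' => 'latest',
    'region' => 'us-east-1',
]);

// Look the secret up by name (an ARN is also accepted as SecretId).
$result = $client->getSecretValue([
    'SecretId' => 'my-secret',
]);

// Text secrets are returned in SecretString.
$secretValue = $result['SecretString'];
```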

In this example, replace us-east-1 with the region where your secret manager is located, and my-secret with the name of your secret.

Make sure that the IAM role attached to the EC2 instance has the necessary permissions to access the secret manager.
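
The following is an added example, not code from this thread or from the AWS documentation. It pins the client to the instance role so that no static access keys are ever used, and reports the AWS error code when the role lacks permission. The function name `fetchSecretViaInstanceRole` is hypothetical, and the region and secret name are supplied by the caller.

```php
<?php
// Added example. Assumes Composer's autoloader is loaded (Laravel does this).

use Aws\Credentials\CredentialProvider;
use Aws\Exception\AwsException;
use Aws\SecretsManager\SecretsManagerClient;

/**
 * Hypothetical helper: fetch a secret using only the EC2 instance role.
 * Returns an array for JSON secrets, or ['value' => string] for plain text.
 */
function fetchSecretViaInstanceRole(string $secretId, string $region): array
{
    $client = new SecretsManagerClient([
        'version' => 'latest',
        'region'  => $region,
        // Pin credentials to the instance profile so static keys left in the
        // environment or ~/.aws/credentials are never used; memoize() reuses
        // the temporary credentials until they expire.
        'credentials' => CredentialProvider::memoize(
            CredentialProvider::instanceProfile()
        ),
    ]);

    try {
        $result = $client->getSecretValue(['SecretId' => $secretId]);
    } catch (AwsException $e) {
        // Surface the AWS error code (e.g. AccessDeniedException,
        // ResourceNotFoundException) without logging any secret material.
        throw new RuntimeException(
            sprintf('Secrets Manager lookup for "%s" failed: %s',
                $secretId, $e->getAwsErrorCode() ?? 'unknown error'),
            0,
            $e
        );
    }

    $raw = $result['SecretString'] ?? null;
    if ($raw === null) {
        throw new RuntimeException('Secret has no SecretString (binary secret?).');
    }

    // Key/value secrets created in the console are stored as a JSON object.
    $decoded = json_decode($raw, true);
    return is_array($decoded) ? $decoded : ['value' => $raw];
}
```

An `AccessDeniedException` code from this function points at the role's policy rather than at the application code. Keep the returned values out of logs and out of any shared cache store.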

Harendra12's avatar

Hello all, I have the sample code to fetch the secrets from AWS Secrets Manager. Could you please tell me where exactly to add this code for calling secrets?
