AWS Secrets Manager Extension

Natively read your AWS Secrets in Liquibase. For more information, see AWS Secrets Manager documentation.

Supported products

Liquibase Pro

Requirements

  • Liquibase 4.12+
  • Liquibase Pro license
  • AWS Credentials

Installation

The easiest way to install this extension is with lpm (Liquibase Package Manager).

lpm update
lpm add aws-secrets-manager

Setup

A Liquibase Pro License key is required.

Configure your AWS credentials in any standard method. aws_access_key_id, aws_secret_access_key and aws_region are required.

Usage

Any property in a liquibase.properties file can be stored in AWS Secrets Manager. Use the syntax VAULT,SECRET,KEY to tell the vault plugin which properties to populate from the vault. You can also enable support for AWS Systems Manager with VAULT,PARAMETER.

            # AWS Secrets Manager
url= aws-secrets,liquibase-secret,url
username= aws-secrets,liquibase-secret,username
password= aws-secrets,liquibase-secret,password

# AWS Systems Manager
url= aws-ssm,liquibase-secret-url
username= aws-ssm,liquibase-secret-username
password= aws-ssm,liquibase-secret-password
        

Feedback

Please submit all feedback and issues to this idea board.