From e21d19a168f868631d04abd1e7976fddc8a97464 Mon Sep 17 00:00:00 2001 From: Suvarna I S Date: Fri, 17 Apr 2026 11:20:41 +0530 Subject: [PATCH] W-21464290-Update-Environment-Variables-feedback-for-Amazon-Secrets-Manager-Properties-Provider-Connector-sis --- .../amazon-secrets-manager-examples.adoc | 2 +- ...manager-properties-provider-reference.adoc | 39 +++++++++++++++++++ .../amazon-secrets-manager-examples.adoc | 2 +- ...manager-properties-provider-reference.adoc | 39 +++++++++++++++++++ 4 files changed, 80 insertions(+), 2 deletions(-) diff --git a/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-examples.adoc b/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-examples.adoc index 3c7a3318c8..c1617c7b90 100644 --- a/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-examples.adoc +++ b/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-examples.adoc @@ -39,7 +39,7 @@ In the *Configuration XML* editor, the configuration looks like this: ---- -If you do not provide credentials, the default AWS connection follows the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^]. +If you do not provide credentials, the default AWS connection follows the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^]. This chain enables you to supply AWS credentials and the region through runtime environment variables (for example, `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, and `AWS_REGION`) instead of hardcoding them in the Mule app configuration. For the list of supported environment variables and a configuration example, see xref:amazon-secrets-manager-properties-provider-reference.adoc#environment-variables[Environment Variables]. == Configure AWS Secrets Manager Using a JSON String diff --git a/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc b/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc index 77dbd7b9dc..fc83f80ca2 100644 --- a/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc +++ b/amazon-secrets-manager-properties-provider/1.0/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc @@ -41,6 +41,45 @@ Default Configuration for Amazon Secrets Manager Properties Provider. Amazon Secrets Manager Properties Provider doesn't support the use of property files for the configuration of the properties provider. +== Environment Variables + +If you do not provide the *AWS Access Key*, *AWS Secret Key*, or *AWS Secrets Manager Region* values in the configuration, Amazon Secrets Manager Properties Provider uses the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^] to resolve credentials and the region from the runtime environment. This capability enables you to avoid hardcoding AWS credentials in the Mule app configuration. + +Use the following environment variables to configure the behavior of Amazon Secrets Manager Properties Provider from the environment instead of specifying parameters in the Mule app configuration: + +- `AWS_ACCESS_KEY_ID` +- `AWS_SECRET_ACCESS_KEY` +- `AWS_SESSION_TOKEN` (required only when using temporary credentials) +- `AWS_REGION` + +These variables are stored in secure configuration files with the values encrypted. During execution, the runtime decrypts these values and they remain in memory in their decrypted state. For more information, refer to xref:cloudhub-2::ch2-protect-app-props.adoc[]. + +Alternatively, you can set the equivalent Java system properties: `aws.accessKeyId`, `aws.secretAccessKey`, `aws.sessionToken`, and `aws.region`. For the full list of credential sources and the order in which they are evaluated, refer to the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^]. + +=== Authenticate Through Environment Variables + +To authenticate to Amazon Secrets Manager using environment variables, set the following environment variables: + +* `AWS_ACCESS_KEY_ID` +* `AWS_SECRET_ACCESS_KEY` +* `AWS_REGION` + +Refer to xref:mule-runtime::setting-environment-variables.adoc[] for details. + +If you do not set the *AWS Access Key*, *AWS Secret Key*, or *AWS Secrets Manager Region* attributes in the configuration, the properties provider uses the values from the environment variables. + +In the XML configuration, you can omit the credential attributes when you rely on environment variables: + +[source,xml,linenums] +---- + + + + +---- + +If the properties provider cannot resolve credentials or the region from the configuration, environment variables, or any other source in the default credentials provider chain, the Mule app fails to start. + == See Also * xref:connectors::introduction/introduction-to-anypoint-connectors.adoc[Introduction to Anypoint Connectors] diff --git a/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-examples.adoc b/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-examples.adoc index 8f8bc4f93d..e80cb2b4a7 100644 --- a/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-examples.adoc +++ b/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-examples.adoc @@ -40,7 +40,7 @@ In the *Configuration XML* editor, the configuration looks like this: ---- -If you do not provide credentials, the default AWS connection follows the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^]. +If you do not provide credentials, the default AWS connection follows the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^]. This chain enables you to supply AWS credentials and the region through runtime environment variables (for example, `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, and `AWS_REGION`) instead of hardcoding them in the Mule app configuration. For the list of supported environment variables and a configuration example, see xref:amazon-secrets-manager-properties-provider-reference.adoc#environment-variables[Environment Variables]. == Configure AWS Secrets Manager Using a JSON String diff --git a/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc b/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc index 087312de0c..994e584eda 100644 --- a/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc +++ b/amazon-secrets-manager-properties-provider/1.1/modules/ROOT/pages/amazon-secrets-manager-properties-provider-reference.adoc @@ -42,6 +42,45 @@ Default Configuration for Amazon Secrets Manager Properties Provider. Amazon Secrets Manager Properties Provider doesn't support the use of property files for the configuration of the properties provider. +== Environment Variables + +If you do not provide the *AWS Access Key*, *AWS Secret Key*, or *AWS Secrets Manager Region* values in the configuration, Amazon Secrets Manager Properties Provider uses the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^] to resolve credentials and the region from the runtime environment. This capability enables you to avoid hardcoding AWS credentials in the Mule app configuration. + +Use the following environment variables to configure the behavior of Amazon Secrets Manager Properties Provider from the environment instead of specifying parameters in the Mule app configuration: + +- `AWS_ACCESS_KEY_ID` +- `AWS_SECRET_ACCESS_KEY` +- `AWS_SESSION_TOKEN` (required only when using temporary credentials) +- `AWS_REGION` + +These variables are stored in secure configuration files with the values encrypted. During execution, the runtime decrypts these values and they remain in memory in their decrypted state. For more information, refer to xref:cloudhub-2::ch2-protect-app-props.adoc[]. + +Alternatively, you can set the equivalent Java system properties: `aws.accessKeyId`, `aws.secretAccessKey`, `aws.sessionToken`, and `aws.region`. For the full list of credential sources and the order in which they are evaluated, refer to the https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html[default credentials provider chain - AWS SDK for Java 2.x^]. + +=== Authenticate Through Environment Variables + +To authenticate to Amazon Secrets Manager using environment variables, set the following environment variables: + +* `AWS_ACCESS_KEY_ID` +* `AWS_SECRET_ACCESS_KEY` +* `AWS_REGION` + +Refer to xref:mule-runtime::setting-environment-variables.adoc[] for details. + +If you do not set the *AWS Access Key*, *AWS Secret Key*, or *AWS Secrets Manager Region* attributes in the configuration, the properties provider uses the values from the environment variables. + +In the XML configuration, you can omit the credential attributes when you rely on environment variables: + +[source,xml,linenums] +---- + + + + +---- + +If the properties provider cannot resolve credentials or the region from the configuration, environment variables, or any other source in the default credentials provider chain, the Mule app fails to start. + == See Also * xref:connectors::introduction/introduction-to-anypoint-connectors.adoc[Introduction to Anypoint Connectors]