Integrating with Secrets Manager

IBM Cloud Secrets Manager helps you to create secrets dynamically and lease them to applications while you control access from a single location. With Secrets Manager, you can create, lease, and centrally manage secrets that are used in App Configuration service or your custom-built applications.

By integrating App Configuration with Secrets Manager, instead of storing secrets, App Configuration stores metadata of Secrets Manager instance. This metadata is called as a secret reference as part of the Properties type in App Configuration.

Take these steps to get Secrets Manager integrated with App Configuration:

1. Log in to your IBM Cloud account.

2. Create a Secrets Manager instance and create your secrets.

   If you already have a Secrets Manager instance, go to next step else create a Secrets Manager instance. For more information, see creating a Secrets Manager instance.

3. Check the permissions in Secrets Manager instance.

   Make sure you have a Secrets Manager instance with Viewer access to the resource group where Secrets Manager instance is created or exists. Also, you need to have Reader access to the Secrets Manager instance.

   For more information about providing user authorizations, see here.

4. Create a property of type Secret reference. For more information, see Properties.

5. Use the App Configuration SDKs to connect your application to retrieve and use secrets from Secrets Manager. For more information on how to access secrets with App Configuration Node sdk, see here.