Defining Guardium datasources to access AWS Secret Manager

Configure the datasources on your Guardium® system for automatic password provisioning using the AWS Secrets Manager. You can create a new datasource definition or edit an existing definition.

Before you begin

Ensure that you gathered the following information:

Procedure

  1. To access an existing datasource definition, go to Setup > Tools and Views > Datasource Definitions, and click Edit Datasource Definition. To create a new datasource definition, see Creating a datasource definition.
  2. Configure the Credential type by selecting the External password radio button.
  3. In the External password type Location drop-down, select AWS Secrets Manager.
  4. In the AWS Secrets Manager config drop-down, select the name of the AWS Secrets Manager configuration.
  5. In the Secret name field, enter the secret name that you created on your AWS management console.
  6. Enter the Region location of your data center that is configured on your AWS management console.
  7. Enter the Host name/IP, Port number, and Service name that you gathered from your AWS management console.
  8. Click Save and Test connection to ensure that the Guardium system can connect to the AWS Secrets Manager and fetch the datasource credential.

What to do next

Repeat steps 2 to 8 to configure all your Guardium datasources to access the AWS Secrets Manager.