Access AWS secret manager secret from outside AWS ecosystem/environment

Hi, I would like to know if it is possible to access a secret that I have configured in the secret manager from outside the AWS ecosystem, let's say locally or on a server that is outside.

I have given a policy to a group where I have created a user.

I am using .net 8.0 and this is a code that I am using it is a snippet code provided by aws.

 string secretName = "****";
 string region = "****";

 IAmazonSecretsManager client = new AmazonSecretsManagerClient(RegionEndpoint.GetBySystemName(region));

 GetSecretValueRequest request = new GetSecretValueRequest
 {
     SecretId = secretName
 };

 GetSecretValueResponse response;

 try
 {
     response = await client.GetSecretValueAsync(request);
 }
 catch (Exception e)
 {
     throw e;
 }

 string secret = response.SecretString;

It is failing with the following error:

"Unable to get IAM security credentials from EC2 Instance Metadata Service"

Thanks

Topics

Security, Identity, & Compliance .NET on AWS

Tags

AWS Secrets Manager .NET on AWS

Language

English

Eneko

asked a month ago171 views

1 Answer

Newest
Most votes
Most comments

Hello,

To access AWS Secrets Manager from outside the AWS, such as from a local machine, you need to ensure proper AWS credentials are configured.

Create AWS IAM user with the necessary permissions to access Secrets Manager.
Configure credentials on your local machine using aws cli.
Update .NET Code to Use Local AWS Credentials.

AWS policy that grants permission to access secrets to an IAM user

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "secretsmanager:GetSecretValue"
            ],
            "Resource": "arn:aws:secretsmanager:region:account-id:secret:secret-id"
        }
    ]
}

EXPERT

Sivaraman Selvam

answered a month ago

EXPERT

Brettski-AWS

reviewed a month ago

Brettski-AWS EXPERT
a month ago
For larger scale access outside of AWS to AWS services, consider IAM Roles Anywhere.

Relevant content

AWS Secrets Manager
SumitJaiswal
asked 2 years ago
Accessing AWS Secrets Manager from Redshift cluster
Accepted Answer
rePost-User-9407663
asked a year ago
Can i access Secrets Manager from Tomcat
somakd
asked 5 years ago
Unable to access Secrets in Secret Manager from inside docker service in Greengrass V2
Shivam
asked 2 years ago
How do I share AWS Secrets Manager secrets between AWS accounts?
AWS OFFICIALUpdated a year ago
Why doesn't updating a secret in Secrets Manager automatically update the secret in AWS CloudFormation?
AWS OFFICIALUpdated 2 years ago
How can I resolve issues accessing an encrypted AWS Secrets Manager secret?
AWS OFFICIALUpdated 2 years ago
How do I apply a resource-based policy on an AWS Secrets Manager secret?
AWS OFFICIALUpdated 9 months ago
Manage secrets in CDK via Mozilla SecretOPerationS (SOPS)
EXPERT
Antonio_Lagrotteria
published 10 months ago
Unlocking the Secrets of AWS Identity and Access Management
EXPERT
Giovanni Lauria
published 5 months ago