Configure AWS Secrets Manager for ECS
In the previous sections, we set up the JFrog CLI to authenticate and publish Docker images to Artifactory. In the next sections, we will add the same Artifactory credentials to AWS Secrets Manager. We will then use an IAM Role to allow Amazon ECS to authenticate with Artifactory, pull the image and deploy it.
Private registry authentication for ECS tasks using AWS Secrets Manager enables you to store your credentials securely and then reference them in your container definition. This allows your ECS tasks to use images from private repositories.
- Go to your AWS Secrets Manager Console.
- Click on Store a new secret.
- Select Other type of secrets.
- Select the Plaintext format.
- And paste your Artifactory username and API Key.
{
"username" : "<username>",
"password" : "<password>"
}
- Click Next.
- Provide a Secret name like
awsworkshop/jfrog-npm-app. Remember this name. - Click Next.
- Leave the default settings on this next Configure automatic rotation page and click Next.
- On the Sample code page, click Store. You should now see your new secret listed.
- Click on your new secret.
- Copy the Secret ARN for the next steps.
Next, we must create an IAM role that allows ECS to access these credentials.