Sample code for 30+ languages & platforms
PHP Extension

AWS Setup Bootstrap Secret in Local Manager

See more Secrets Examples

Accessing a cloud-based secrets manager requires authentication credentials, which cannot be stored in the manager itself. Instead, they must be securely stored locally.

One solution is to store the authentication credentials as a secret in the Windows Credentials Manager or Apple Keychain. These credentials serve as the "bootstrap secret" for authenticating with the cloud-based secrets manager.

This example demonstrates how to setup a bootstrap secret for the AWS Secrets Manager.

Note: This example requires Chilkat v10.1.0 or later.

Chilkat PHP Extension Downloads

PHP Extension
<?php

include("chilkat.php");

$success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

$bootstrap = new CkSecrets();

// On Windows, this is the Windows Credentials Manager
// On MacOS/iOS, it is the Apple Keychain
$bootstrap->put_Location('local_manager');

// Specify the name of the bootstrap secret.
// service and username are required.
// appName and domain are optional.
// Note: The values are arbitrary and can be anything you want.
$json = new CkJsonObject();
$json->UpdateString('appName','AWS');
$json->UpdateString('service','Example');
$json->UpdateString('username','Joe');

// The bootstrap secret for the AWS Secrets Manager will contain
// the AWS region, access key, and secret key, like this:
$jsonSecret = new CkJsonObject();
// Modify if necessary to use your region..
$jsonSecret->UpdateString('awsRegion','us-east-1');
$jsonSecret->UpdateString('awsAccessKey','YOUR_ACCESS_KEY');
$jsonSecret->UpdateString('awsSecretKey','YOUR_SECRET_KEY');

// Create or update the bootstrap secret.
$success = $bootstrap->UpdateSecretJson($json,$jsonSecret);
if ($success == false) {
    print $bootstrap->lastErrorText() . "\n";
    exit;
}

print 'The AWS bootstrap secret has been stored.' . "\n";

?>