Sample code for 30+ languages & platforms
Swift

AWS Setup Bootstrap Secret in Local Manager

See more Secrets Examples

Accessing a cloud-based secrets manager requires authentication credentials, which cannot be stored in the manager itself. Instead, they must be securely stored locally.

One solution is to store the authentication credentials as a secret in the Windows Credentials Manager or Apple Keychain. These credentials serve as the "bootstrap secret" for authenticating with the cloud-based secrets manager.

This example demonstrates how to setup a bootstrap secret for the AWS Secrets Manager.

Note: This example requires Chilkat v10.1.0 or later.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    let bootstrap = CkoSecrets()!

    // On Windows, this is the Windows Credentials Manager
    // On MacOS/iOS, it is the Apple Keychain
    bootstrap.location = "local_manager"

    // Specify the name of the bootstrap secret.
    // service and username are required.
    // appName and domain are optional.
    // Note: The values are arbitrary and can be anything you want.
    let json = CkoJsonObject()!
    json.updateString(jsonPath: "appName", value: "AWS")
    json.updateString(jsonPath: "service", value: "Example")
    json.updateString(jsonPath: "username", value: "Joe")

    // The bootstrap secret for the AWS Secrets Manager will contain
    // the AWS region, access key, and secret key, like this:
    let jsonSecret = CkoJsonObject()!
    // Modify if necessary to use your region..
    jsonSecret.updateString(jsonPath: "awsRegion", value: "us-east-1")
    jsonSecret.updateString(jsonPath: "awsAccessKey", value: "YOUR_ACCESS_KEY")
    jsonSecret.updateString(jsonPath: "awsSecretKey", value: "YOUR_SECRET_KEY")

    // Create or update the bootstrap secret.
    success = bootstrap.updateSecretJson(jsonId: json, secret: jsonSecret)
    if success == false {
        print("\(bootstrap.lastErrorText!)")
        return
    }

    print("The AWS bootstrap secret has been stored.")

}