Description

IMPORTANT: AWS Secrets Manager is currently the only supported vault manager. Support for additional vaults will be provided in the future.

Runtime can be integrated with a Vault Manager, which stores and manages information, such as user passwords, database credentials, etc., as they are changed over a set time defined by an organization. This method of connecting to a database still uses JDBC but does not require you to include the username and password parameters in the JDBC Config file for the database connection. 


When Vault Integration is set up, Runtime will connect via the JDBC Driver to the vault manager using the required vault security credentials (e.g., access key, secret key, etc.) and obtain the username and password. It then passes that information to the database to make the connection.


File Parameters

The following parameters need to be in the JDBC Config file for AWS Secrets Manager:

  • driverDefines the path and name of the JDBC driver Jar file. The Jar contains a Java program that uses the JDBC API to load the specified driver for a particular DBMS before it actually connects to a database. The JDBC DriverManager class then sends all JDBC API calls to the loaded driver. Note: Varies per database. 
  • url - Defines the Universal Resource Locator (URL) to connect to the database. Note: Varies per database 
  • batchCount  - Defines the number of rows sent to the database per batch. This property is only mandatory for GenRocket Receivers. 
  • vault - the name of the vault manager (e.g., awsSecretManager)
  • awsAccessKey - vault manager access key
  • awsSecretKey - vault manager secret key
  • awsRegion - vault manager region (e.g., us-east-1, ap-south-2, eu-central-1)
  • awsSecretName - secret name for the information that is being retrieved


driver=com.mysql.cj.jdbc.Driver
url=jdbc:mysql://host:3306/test?rewriteBatchedStatements=true&allowLoadLocalInfile=true
batchCount=7
vault=awsSecretManager
awsAccessKey=<accesskey>
awsSecretKey=<secretKey>
awsRegion=<region>
awsSecretName=<secretName>


MySQL Example 

driver=com.mysql.cj.jdbc.Driver
url=jdbc:mysql://database-1.cnppkr1ujhij.ap-south-1.rds.amazonaws.com:3306/test?rewriteBatchedStatements=true&allowLoadLocalInfile=true
batchCount=7
vault=awsSecretManager
awsAccessKey=DEFAABCOY6NUJV2GR12G
awsSecretKey=xtTuuhMabcQVfz8QoKsrTVMAjf9QrOtfBCGrFk
awsRegion=ap-south-1
awsSecretName=rds!db-9136408b-3571-4ca6-bfc5-97c5f9610df0