Prerequisites:

  1. Navigate to Project > Integrations and select the Secret Syncs tab. Click on the Add Sync button.

  2. Select the AWS Secrets Manager option.

  3. Configure the Source from where secrets should be retrieved, then click Next.

    • Environment: The project environment to retrieve secrets from.
    • Secret Path: The folder path to retrieve secrets from.

If you need to sync secrets from multiple folder locations, check out secret imports.

  4. Configure the Destination to where secrets should be deployed, then click Next.

    • AWS Connection: The AWS Connection to authenticate with.
    • Region: The AWS region to deploy secrets to.
    • Mapping Behavior: Specify how Infisical should map secrets to AWS Secrets Manager:
      • One-To-One: Each Infisical secret will be mapped to a separate AWS Secrets Manager secret.
      • Many-To-One: All Infisical secrets will be mapped to a single AWS Secrets Manager secret.
    • Secret Name: Specifies the name of the AWS Secret to map secrets to if Many-To-One mapping behavior is selected.
  5. Configure the Sync Options to specify how secrets should be synced, then click Next.

    • Initial Sync Behavior: Determines how Infisical should resolve the initial sync.
      • Overwrite Destination Secrets: Removes any secrets at the destination endpoint not present in Infisical.
      • Import Secrets (Prioritize Infisical): Imports secrets from the destination endpoint before syncing, prioritizing values from Infisical over Secrets Manager when keys conflict.
      • Import Secrets (Prioritize AWS Secrets Manager): Imports secrets from the destination endpoint before syncing, prioritizing values from Secrets Manager over Infisical when keys conflict.
    • KMS Key: The AWS KMS key ID or alias to encrypt secrets with.
    • Tags: Optional tags to add to secrets synced by Infisical.
    • Sync Secret Metadata as Tags: If enabled, metadata attached to secrets will be added as tags to secrets synced by Infisical.
    • Auto-Sync Enabled: If enabled, secrets will automatically be synced from the source location when changes occur. Disable to enforce manual syncing only.
  6. Configure the Details of your Secrets Manager Sync, then click Next.

    • Name: The name of your sync. Must be slug-friendly.
    • Description: An optional description for your sync.
  7. Review your Secrets Manager Sync configuration, then click Create Sync.

  8. If enabled, your Secrets Manager Sync will begin syncing your secrets to the destination endpoint.
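
The three Initial Sync Behavior options differ in what happens to secrets that already exist in AWS Secrets Manager. The following Python model is an added example, not Infisical's code: it applies the behaviors as documented above to constructed data so you can see which destination secrets would be removed or replaced before choosing an option. It assumes One-To-One mapping and that the sync writes the post-import set to the destination; the function name and mode labels are hypothetical.

```python
# Added example: models the documented Initial Sync Behavior options.
# Assumptions: One-To-One mapping; the sync writes the post-import set to AWS.
# The mode labels below are hypothetical names, not Infisical API values.
OVERWRITE = "overwrite-destination"
IMPORT_PREFER_INFISICAL = "import-prioritize-infisical"
IMPORT_PREFER_AWS = "import-prioritize-aws"


def plan_initial_sync(infisical, aws, behavior):
    """Return what the first sync would do, without touching either side.

    infisical / aws: dicts of secret name -> value (state before the sync).
    """
    if behavior == OVERWRITE:
        infisical_after = dict(infisical)        # nothing is imported
    elif behavior == IMPORT_PREFER_INFISICAL:
        infisical_after = {**aws, **infisical}   # Infisical wins key conflicts
    elif behavior == IMPORT_PREFER_AWS:
        infisical_after = {**infisical, **aws}   # AWS wins key conflicts
    else:
        raise ValueError(f"unknown behavior: {behavior}")

    destination_after = dict(infisical_after)
    return {
        "infisical_after": infisical_after,
        "destination_after": destination_after,
        # Destination secrets that no longer exist after the sync.
        "removed": sorted(set(aws) - set(destination_after)),
        # Destination secrets whose value is replaced by the sync.
        "changed": sorted(k for k in aws if k in destination_after
                          and aws[k] != destination_after[k]),
        # Names whose value Infisical takes from AWS during the import.
        "imported": sorted(k for k in infisical_after if k not in infisical
                           or infisical[k] != infisical_after[k]),
    }


# Constructed sample state (placeholder values, not real secrets).
INFISICAL = {"DB_PASSWORD": "inf-db", "API_KEY": "inf-api"}
AWS = {"DB_PASSWORD": "aws-db", "LEGACY_TOKEN": "aws-legacy"}

if __name__ == "__main__":
    for mode in (OVERWRITE, IMPORT_PREFER_INFISICAL, IMPORT_PREFER_AWS):
        plan = plan_initial_sync(INFISICAL, AWS, mode)
        print(mode, "| removed:", plan["removed"],
              "| changed:", plan["changed"], "| imported:", plan["imported"])
```

With the sample data, only the overwrite option removes `LEGACY_TOKEN` from the destination, and only the AWS-prioritized import changes a value inside Infisical.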