System Properties for AppNode

This section lists the system properties that can be used for Configuration Management and Credential Management in the ActiveMatrix BusinessWorks application. These properties must be passed in the config.ini file of the AppNode.

AWS Secret Manager

  • bw.config.management.aws.secret.manager=true

  • bw.config.management.aws.region=<<aws_region>>

  • bw.config.management.aws.secret.access.key=<<aws_secret_access_key>>

  • bw.config.management.aws.access.key.id=<<aws_access_key_id>>

  • bw.config.management.app.config.profile=default

  • bw.config.management.aws.session.token=<<aws_session_token>>

Azure Vault

  • bw.config.management.azure.tenant.id=<<azure_tenant_id>>

  • bw.config.management.azure.client.secret=<<azure_client_secret>>

  • bw.config.management.azure.client.id=<<azure_client_id>>

  • bw.config.management.app.config.profile=<<profile_name>>

  • bw.config.management.azure.vault=true

Note: Additionally, set the profile to be used as default while deploying EAR or creating an application EAR.

Consul

  • bw.config.management.app.config.profile=default

  • bw.config.management.consul.server.url=http://<host>:<appnode_port>/

HashiCorp Vault

Token

  • bw.config.management.app.config.profile=default

  • bw.config.management.hashicorp.vault.addr=http://<host>:<appnode_port>/

  • bw.config.management.hashicorp.vault.auth=token

  • bw.config.management.vault.auth.path=token

  • bw.config.management.hashicorp.vault.token=<<root token from console>>

AppRole Method

  • bw.config.management.app.config.profile=default

  • bw.config.management.hashicorp.vault.addr=http://<host>:<appnode_port>/

  • bw.config.management.hashicorp.vault.auth=approle

  • bw.config.management.hashicorp.vault.role.id=<<hashicorp_vault_role_id>>

  • bw.config.management.hashicorp.vault.secret.id=<<hashicorp_vault_secret_id>>

  • bw.config.management.vault.auth.path=approle/

UserPass Method

  • bw.config.management.app.config.profile=default

  • bw.config.management.hashicorp.vault.addr=http://<host>:<appnode_port>/

  • bw.config.management.hashicorp.vault.auth=userpass

  • bw.config.management.hashicorp.vault.username=<<hashicorp_vault_username>>

  • bw.config.management.hashicorp.vault.password=<<hashicorp_vault_password>>

  • bw.config.management.vault.auth.path=userpass/

AWS Parameter Store

  • bw.config.management.aws.parameter.store=true

  • bw.config.management.aws.region=<<aws_region>>

  • bw.config.management.aws.secret.access.key=<<aws_secret_access_key>>

  • bw.config.management.aws.access.key.id=<<aws_access_key_id>>

  • bw.config.management.app.config.profile=default

  • bw.config.management.aws.session.token=<<aws_session_token>>

Google Secret Manager

  • bw.config.management.app.config.profile=default

  • bw.config.management.google.secret.manager=true

  • bw.engine.management.google.credentials=<<google_credentials_path>>

CyberArk

  • bw.config.management.app.config.profile=default

  • bw.config.management.cyberark=true

  • bw.config.management.cyberark.keystore.password=<<cyberark_keystore_password>>

  • bw.config.management.cyberark.keystore.path=<<cyberark_keystore_path>>