AppConfig Client Configuration

IAM role that you would be using to fetch the configuration details must have permissions to access configurations from AWS AppConfig. For the same, Following policy must be configured for IAM role:

{
 "Version": "2012-10-17",
 "Statement": [
     { 
        "Sid": "VisualEditor0",
        "Effect": "Allow",
        "Action": [         "appconfig:GetLatestConfiguration",
           "appconfig:StartConfigurationSession",
           "appconfig:ListApplications",
           "appconfig:GetApplication",
           "appconfig:ListEnvironments",
           "appconfig:GetEnvironment",
           "appconfig:ListConfigurationProfiles",
           "appconfig:GetConfigurationProfile",
           "appconfig:GetConfiguration",
          "appconfig:ListDeployments",
           "appconfig:GetDeployment"             ],
       "Resource": "*"
    }
  ]
}

To connect to the AWS Systems Manager AppConfig, provide below configuration at runtime.

Property Name	Required	Data Type	Description
FLOGO_APP_PROPS_AWS_APPCONFIG	Yes	Boolean	Set this as true to enable the AWS AppConfig support feature.
AWS_APPCONFIG_APP_IDENTIFIER_NAME	Yes(optional)	String	Set app identifier name for AWS AppConfig. If the name is not set, it takes the name as that of your Flogo app.
AWS_APPCONFIG_PROFILE_NAME	Yes	String	This is name of the configuration profile created while defining the properties in AppConfig.
AWS_APPCONFIG_ENV_NAME	Yes	String	This is name of the environment provided while creating application in the AppConfig.
AWS_APPCONFIG_REGION	Yes	String	Select AWS region where your Appconfig is located.
AWS_APPCONFIG_ACCESS_KEY_ID	Yes	String	Access ID for your AWS account. To protect the access key, an encrypted value can be provided in this configuration. See Encrypting Password Values section for information on how to encrypt a string. Note: The encrypted value must be prefixed with SECRET: For example, SECRET:b0UaK3bTyD9wN+ZJkmlKRmojhAv+
AWS_APPCONFIG_SECRET_ACCESS_KEY	Yes	String	Secret access key for your AWS account. To protect the secret access key, an encrypted value can be provided in this configuration. See the Encrypting Password Values section for information on how to encrypt a string. Note: The encrypted value must be prefixed with SECRET: For example, SECRET:b0UaK3bTyD9wN+ZJkmlKRmojhAv+
AWS_APPCONFIG_ASSUMEDROLE_ARN	Yes(optional)	String	Set the IAM role ARN in Flogo for the federated user and assume the required role. This variable need not be set for a non-federated user.

Did you find this helpful?

Yes No