You can integrate Twistlock with AWS Secrets Manager. First, configure Twistlock to access AWS Secrets Manager, then create rules to inject the relevant secrets into the relevant containers.
The service account Twistlock uses to access the secrets store must have the following permissions:

- secretsmanager:GetSecretValue
- secretsmanager:ListSecrets
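As an added example (not from the Twistlock documentation), an IAM policy granting only the two permissions above: ListSecrets has no resource-level scoping, so it needs Resource "*", while GetSecretValue is limited to the secrets Twistlock is meant to inject. The region, the account ID and the twistlock/ name prefix are placeholders to replace with your own values.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "TwistlockListSecrets",
      "Effect": "Allow",
      "Action": "secretsmanager:ListSecrets",
      "Resource": "*"
    },
    {
      "Sid": "TwistlockReadInjectedSecretsOnly",
      "Effect": "Allow",
      "Action": "secretsmanager:GetSecretValue",
      "Resource": "arn:aws:secretsmanager:us-east-1:123456789012:secret:twistlock/*"
    }
  ]
}
```

Attach the policy to the IAM user or role whose credentials you enter in the Twistlock store configuration, and keep secrets that Twistlock should never read outside the allowed prefix.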
Before you begin, create a secret in AWS Secrets Manager with automatic rotation disabled. Twistlock supports the key-value secret type only: when storing a new secret, select Other type of secrets, then Secret key/value.
1. Open Twistlock Console.
2. Integrate Twistlock with the secrets store.
   a. Go to Manage > Authentication > Secrets, and click Add store.
   b. Enter a name for the store. This name is used when you create rules to inject secrets into specific containers.
   c. For Type, select AWS Secrets Manager, then fill out the rest of the form, specifying how to connect to Secrets Manager, including your credentials.
   d. Click Add.

After you click Add, Twistlock tries to connect to your secrets manager. If the connection succeeds, the dialog closes and an entry is added to the table. Otherwise, connection errors are displayed directly in the configuration dialog.