Sample code for 30+ languages & platforms
SQL Server

AWS Setup Bootstrap Secret in Memory

See more Secrets Examples

Accessing a cloud-based secrets manager requires authentication credentials, which cannot be stored within the secrets manager itself.

This example shows how to set up an in-memory bootstrap secret with authentication credentials which will be used in other examples to access the AWS Secrets Manager.

Note: This example requires Chilkat v10.1.0 or later.

Chilkat SQL Server Downloads

SQL Server
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    DECLARE @success int
    SELECT @success = 0

    -- This example requires the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @bootstrap int
    EXEC @hr = sp_OACreate 'Chilkat.Secrets', @bootstrap OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    -- This secret will reside in memory.
    EXEC sp_OASetProperty @bootstrap, 'Location', 'memory'

    -- Specify the name of the bootstrap secret.
    -- service and username are required.
    -- appName and domain are optional.
    -- Note: The values are arbitrary and can be anything you want.
    DECLARE @json int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @json OUT

    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'appName', 'AWS'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'service', 'Example'
    EXEC sp_OAMethod @json, 'UpdateString', @success OUT, 'username', 'Joe'

    -- The bootstrap secret for the AWS Secrets Manager will contain
    -- the AWS region, access key, and secret key, like this:
    DECLARE @jsonSecret int
    EXEC @hr = sp_OACreate 'Chilkat.JsonObject', @jsonSecret OUT

    -- Modify if necessary to use your region..
    EXEC sp_OAMethod @jsonSecret, 'UpdateString', @success OUT, 'awsRegion', 'us-east-1'
    EXEC sp_OAMethod @jsonSecret, 'UpdateString', @success OUT, 'awsAccessKey', 'YOUR_ACCESS_KEY'
    EXEC sp_OAMethod @jsonSecret, 'UpdateString', @success OUT, 'awsSecretKey', 'YOUR_SECRET_KEY'

    -- Create or update the bootstrap secret (in memory).
    -- The secret is stored encrypted in memory, and is available to be used
    -- regardless of the lifetime of the "bootstrap" object.
    EXEC sp_OAMethod @bootstrap, 'UpdateSecretJson', @success OUT, @json, @jsonSecret
    IF @success = 0
      BEGIN
        EXEC sp_OAGetProperty @bootstrap, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @bootstrap
        EXEC @hr = sp_OADestroy @json
        EXEC @hr = sp_OADestroy @jsonSecret
        RETURN
      END


    PRINT 'The AWS bootstrap secret has been stored in memory.'

    EXEC @hr = sp_OADestroy @bootstrap
    EXEC @hr = sp_OADestroy @json
    EXEC @hr = sp_OADestroy @jsonSecret


END
GO