Similar to how the passphrase for the client private key is obtained from AWS Secrets Manager, implement support for obtaining the PSK values from AWS Secrets Manager.
Basically changing the parameters `pTunnel1Psk` and `pTunnel2Psk` to be `pTunnel1PskSecretName` and `pTunnel2PskSecretName` and requiring those secrets to be added to AWS Secrets Manager as a prerequisite. The `cfn-init` scripts will need to change to perform actions similar to those already performed in support of obtaining the client private key passphrase from AWS Secrets Manager and populating the proper strongSwan configuration file.
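A sketch of the retrieval step this request describes, as an added example that is not the project's own code: it reads each PSK from AWS Secrets Manager by secret name and renders strongSwan `ipsec.secrets` PSK lines into a file created with owner-only permissions. The function names, the output path argument and the peer addresses are assumptions; the secrets are assumed to hold the PSK as a plain `SecretString`.

```bash
#!/usr/bin/env bash
# Added example, not the project's code. Function names are hypothetical.
NL='
'

# Print a secret's SecretString on stdout; the value never appears in argv or logs.
fetch_psk() {
  local name="$1" region="$2"
  aws secretsmanager get-secret-value --region "$region" \
    --secret-id "$name" --query SecretString --output text
}

# Emit one ipsec.secrets entry: <local> <remote> : PSK "<value>"
psk_line() {
  local local_id="$1" remote_id="$2" psk="$3"
  [ -n "$psk" ] || { echo "empty PSK for $remote_id" >&2; return 1; }
  # A double quote or newline would terminate the quoted PSK field early.
  case "$psk" in
    *'"'*|*"$NL"*) echo "PSK for $remote_id contains a quote or newline" >&2; return 1 ;;
  esac
  printf '%s %s : PSK "%s"\n' "$local_id" "$remote_id" "$psk"
}

# write_psk_secrets OUT REGION LOCAL_ID REMOTE1 SECRET_NAME1 [REMOTE2 SECRET_NAME2 ...]
# Builds the file in a 0600 temp file and renames it, so a failed fetch
# never leaves a partial or world-readable secrets file behind.
write_psk_secrets() {
  local out="$1" region="$2" local_id="$3" tmp psk
  shift 3
  tmp="$(umask 077; mktemp "${out}.XXXXXX")" || return 1
  while [ "$#" -ge 2 ]; do
    if ! psk="$(fetch_psk "$2" "$region")" ||
       ! psk_line "$local_id" "$1" "$psk" >>"$tmp"; then
      rm -f "$tmp"
      return 1
    fi
    shift 2
  done
  chmod 600 "$tmp" && mv -f "$tmp" "$out"
}
```

The instance role needs `secretsmanager:GetSecretValue` on the two PSK secrets for the fetch to succeed.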