aws-samples / vpn-gateway-strongswan

AWS CloudFormation template to deploy the open source strongSwan VPN solution to act as a VPN gateway in support of site-to-site VPN connections.
Apache License 2.0

Use AWS Secrets Manager to obtain PSK values #12

Closed ckamps closed 3 years ago

ckamps commented 3 years ago

Similar to how the passphrase for the client private key is obtained from AWS Secrets Manager, implement support for obtaining the PSK values from AWS Secrets Manager.

Basically, this means changing the parameters pTunnel1Psk and pTunnel2Psk to be pTunnel1PskSecretName and pTunnel2PskSecretName and requiring those secrets to be added to AWS Secrets Manager as a prerequisite. The cfn-init scripts will need to change to perform actions similar to those they already perform in support of obtaining the client private key passphrase from AWS Secrets Manager and populating the proper strongSwan configuration file.

ckamps commented 3 years ago

Implemented. See README for changes to PSK parameters.
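The retrieval step this issue describes, as an added example that is not the project's cfn-init code: a secret name is resolved to a PSK at instance setup and written into an ipsec.secrets-style file. The function names, peer addresses and file path are assumptions, and the secret is assumed to be stored as a plain-text SecretString.

```shell
#!/bin/sh
# Added example (not the project's cfn-init code). Function names and the
# arguments shown in the usage lines are assumptions for illustration.

# Fetch the SecretString for a named secret. Only the secret *name* travels
# through template parameters; the PSK itself is read at run time.
fetch_psk() {
  aws secretsmanager get-secret-value \
    --secret-id "$1" --query SecretString --output text
}

# Append one PSK entry to a strongSwan ipsec.secrets-style file.
# Usage: write_psk_entry <secret-name> <local-id> <remote-id> <secrets-file>
write_psk_entry() {
  local name="$1" left="$2" right="$3" file="$4" psk tmp nl
  nl='
'
  psk=$(fetch_psk "$name") || { echo "cannot read secret $name" >&2; return 1; }

  # Refuse empty values and characters that would break the quoted string.
  case "$psk" in
    ''|*'"'*|*"$nl"*)
      echo "secret $name is empty or cannot be quoted" >&2
      return 1 ;;
  esac

  # Build the new file privately, then rename it into place so the daemon
  # never reads a half-written file and the PSK is never world-readable.
  tmp=$(umask 077; mktemp "${file}.XXXXXX") || return 1
  {
    if [ -f "$file" ]; then cat "$file"; fi
    printf '%s %s : PSK "%s"\n' "$left" "$right" "$psk"
  } > "$tmp"
  chmod 600 "$tmp" && mv "$tmp" "$file"
}
```

The instance role needs secretsmanager:GetSecretValue on the two PSK secrets only, which keeps the PSK out of the CloudFormation parameter values.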