- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
Hello,
Thanks for reaching out to AWS re:Post with your AWS AppFlow query.
The error message is a client error that shows that the secret is in an inconsistent state. This response is returned directly from SecretsManager.
You can simply try to access the secret from your account using the AWS CLI, as it will return an error explaining the root cause. When trying to create the connector, you should see a GetSecretValue API call recorded in CloudTrail which would contain the error for why AppFlow was unable to retrieve the Secret.
The problem commonly occurs if you use the default KMS key to encrypt the Secret, and then create the flow without setting a customer CMK. So Appflow is trying to use the AWS managed KMS key to decrypt the secrets. Essentially, Secret Manager and AppFlow are using different KMS keys (i.e., "aws/secretsmanager" and "Amazon AppFlow-managed KMS key" respectively) to encrypt and decrypt the data. If this is the case, you will need to use a CMK to encrypt the Secret and give AppFlow permissions to use that key. When creating the profile, you will then use that key.
You can specify a KMS key for AppFlow to use by setting the 'kmsArn': [+] https://docs.aws.amazon.com/appflow/1.0/APIReference/API_CreateConnectorProfile.html#API_CreateConnectorProfile_RequestSyntax
Thank you.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor einem Jahr