keystore-aws-parameter-store.md

Keystore AWS Parameter Store

Follow these steps to set up your keystore passphrase on AWS Parameter Store.

Add to parameter store

1. Go to Systems Manager*
2. Click on Parameter Store under Application Management on left sidebar
3. Click on *Create parameter button
4. Steps
   1. Name: /Hop/Bonder/Keystore/Pass
   2. Check SecureString under Type
   3. Enter keystore password in the Value text field
   4. Click the Create parameter button

Attach policy to role

1. Go to IAM
2. Click on Roles on left sidebar
   1. Filter for your EC2 Role. E.g. HopNodeEC2Role
   2. Click on role link
3. Click on Attach policies button
4. Click on Create policy button (this will open a new tab)
   1. Service: Systems Manager
   2. Check Read
   3. Check GetParameter
   4. Resources
      1. Add ARN
      2. Region: us-east-1
      3. Parameter name: Hop/Bonder/*
   5. Click on Next: Tags button
   6. Click on Next: Review button
   7. Policy
   8. Name: HopNodeParameterStorePolicy
   9. Click on Create policy button
   10. You may now close this tab.
5. Back on main tab
6. Click refresh button
7. Filter for HopNodeParameterStorePolicy
8. Check box next to policy name
9. Click the Attach policy button

Config

Update your config ~/.hop/config.json to use the password from Parameter Store:

Note: The entirety of the config file will be explained in the next section, so feel free to move on and return here when you need to add the keystore config.

{
  "keystore": {
    "location": "~/.hop/keystore.json",
    "parameterStore": "/Hop/Bonder/Keystore/Pass",
    "awsRegion": "us-east-1"
  }
}