For PHP in AWS Elastic Beanstalk you the steps are:
In the .ebextensions folder inside your Elastic BeanStalk application,
create a new file named newrelic.config. Add the following content to
the file:
packages:
yum:
newrelic-php5: []
rpm:
newrelic: INSERT_LINK_TO_AGENT
commands:
configure_new_relic:
command: newrelic-install install
env:
NR_INSTALL_SILENT: true
NR_INSTALL_KEY: INSERT_LICENSE_KEY
From: https://docs.newrelic.com/docs/agents/php-agent/frameworks-libraries/aws-elastic-beanstalk-installation-php
If you are using password vault you would then follow their best practices. If you are not then you may have to create a shell script to replace the license key from a secure S3 bucket.
Put your license key in a secure S3 bucket. Then use a Bash script similar to:
#!/bin/bash
password=$(aws ssm get-parameters --region us-east-1 --names MySecureLicenseKey --with-decryption --query Parameters[0].Value)
# code to replace INSERT_LICENSE_KEY - need to update the path to where you have it land
sed 's/INSERT_LICENSE_KEY/$password/g' /etc/newrelic/newrelic.config
Inspired by: https://aws.amazon.com/blogs/mt/use-parameter-store-to-securely-access-secrets-and-config-data-in-aws-codedeploy/