SecretVersionInfo

class aws_cdk.aws_ecs.SecretVersionInfo(*, version_id=None, version_stage=None)

Bases: object

Specify the secret’s version id or version stage.

Parameters:
  • version_id (Optional[str]) – version id of the secret. Default: - use default version id

  • version_stage (Optional[str]) – version stage of the secret. Default: - use default version stage

ExampleMetadata:

infused

Example:

# secret: secretsmanager.Secret
# db_secret: secretsmanager.Secret
# parameter: ssm.StringParameter
# task_definition: ecs.TaskDefinition
# s3_bucket: s3.Bucket


new_container = task_definition.add_container("container",
    image=ecs.ContainerImage.from_registry("amazon/amazon-ecs-sample"),
    memory_limit_mi_b=1024,
    environment={ # clear text, not for sensitive data
        "STAGE": "prod"},
    environment_files=[ # list of environment files hosted either on local disk or S3
        ecs.EnvironmentFile.from_asset("./demo-env-file.env"),
        ecs.EnvironmentFile.from_bucket(s3_bucket, "assets/demo-env-file.env")],
    secrets={ # Retrieved from AWS Secrets Manager or AWS Systems Manager Parameter Store at container start-up.
        "SECRET": ecs.Secret.from_secrets_manager(secret),
        "DB_PASSWORD": ecs.Secret.from_secrets_manager(db_secret, "password"),  # Reference a specific JSON field, (requires platform version 1.4.0 or later for Fargate tasks)
        "API_KEY": ecs.Secret.from_secrets_manager_version(secret, ecs.SecretVersionInfo(version_id="12345"), "apiKey"),  # Reference a specific version of the secret by its version id or version stage (requires platform version 1.4.0 or later for Fargate tasks)
        "PARAMETER": ecs.Secret.from_ssm_parameter(parameter)}
)
new_container.add_environment("QUEUE_NAME", "MyQueue")

Attributes

version_id

version id of the secret.

Default:
  • use default version id

version_stage

version stage of the secret.

Default:
  • use default version stage