class Secret
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.AppRunner.Alpha.Secret |
![]() | github.com/aws/aws-cdk-go/awscdkapprunneralpha/v2#Secret |
![]() | software.amazon.awscdk.services.apprunner.alpha.Secret |
![]() | aws_cdk.aws_apprunner_alpha.Secret |
![]() | @aws-cdk/aws-apprunner-alpha ยป Secret |
A secret environment variable.
Example
import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
import * as ssm from 'aws-cdk-lib/aws-ssm';
declare const stack: Stack;
const secret = new secretsmanager.Secret(stack, 'Secret');
const parameter = ssm.StringParameter.fromSecureStringParameterAttributes(stack, 'Parameter', {
parameterName: '/name',
version: 1,
});
const service = new apprunner.Service(stack, 'Service', {
source: apprunner.Source.fromEcrPublic({
imageConfiguration: {
port: 8000,
environmentSecrets: {
SECRET: apprunner.Secret.fromSecretsManager(secret),
PARAMETER: apprunner.Secret.fromSsmParameter(parameter),
SECRET_ID: apprunner.Secret.fromSecretsManagerVersion(secret, { versionId: 'version-id' }),
SECRET_STAGE: apprunner.Secret.fromSecretsManagerVersion(secret, { versionStage: 'version-stage' }),
},
},
imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest',
})
});
service.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(secret, 'field'));
Initializer
new Secret()
Properties
Name | Type | Description |
---|---|---|
arn | string | The ARN of the secret. |
has | boolean | Whether this secret uses a specific JSON field. |
arn
Type:
string
The ARN of the secret.
hasField?
Type:
boolean
(optional)
Whether this secret uses a specific JSON field.
Methods
Name | Description |
---|---|
grant | Grants reading the secret to a principal. |
static from | Creates a environment variable value from a secret stored in AWS Secrets Manager. |
static from | Creates a environment variable value from a secret stored in AWS Secrets Manager. |
static from | Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store. |
grantRead(grantee)
public grantRead(grantee: IGrantable): Grant
Parameters
- grantee
IGrantable
Returns
Grants reading the secret to a principal.
static fromSecretsManager(secret, field?)
public static fromSecretsManager(secret: ISecret, field?: string): Secret
Parameters
- secret
ISecret
โ the secret stored in AWS Secrets Manager. - field
string
โ the name of the field with the value that you want to set as the environment variable value.
Returns
Creates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSecretsManagerVersion(secret, versionInfo, field?)
public static fromSecretsManagerVersion(secret: ISecret, versionInfo: SecretVersionInfo, field?: string): Secret
Parameters
- secret
ISecret
โ the secret stored in AWS Secrets Manager. - versionInfo
Secret
โ the version information to reference the secret.Version Info - field
string
โ the name of the field with the value that you want to set as the environment variable value.
Returns
Creates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSsmParameter(parameter)
public static fromSsmParameter(parameter: IParameter): Secret
Parameters
- parameter
IParameter
Returns
Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.