class Secret

Language	Type name
.NET	Amazon.CDK.AWS.ECS.Secret
Go	github.com/aws/aws-cdk-go/awscdk/v2/awsecs#Secret
Java	software.amazon.awscdk.services.ecs.Secret
Python	aws_cdk.aws_ecs.Secret
TypeScript (source)	aws-cdk-lib » aws_ecs » Secret

A secret environment variable.

Example

declare const secret: secretsmanager.Secret;
declare const parameter: ssm.StringParameter;

const taskDefinition = new ecs.Ec2TaskDefinition(this, 'TaskDef');
taskDefinition.addContainer('TheContainer', {
  image: ecs.ContainerImage.fromRegistry('example-image'),
  memoryLimitMiB: 256,
  logging: ecs.LogDrivers.firelens({
    options: {
      // ... log driver options here ...
    },
    secretOptions: { // Retrieved from AWS Secrets Manager or AWS Systems Manager Parameter Store
      apikey: ecs.Secret.fromSecretsManager(secret),
      host: ecs.Secret.fromSsmParameter(parameter),
    },
  }),
});

Initializer

new Secret()

Properties

Name	Type	Description
arn	string	The ARN of the secret.
hasField?	boolean	Whether this secret uses a specific JSON field.

---

arn

Type: string

The ARN of the secret.

---

hasField?

Type: boolean (optional)

Whether this secret uses a specific JSON field.

Methods

Name	Description
grantRead(grantee)	Grants reading the secret to a principal.
static fromSecretsManager(secret, field?)	Creates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSecretsManagerVersion(secret, versionInfo, field?)	Creates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSsmParameter(parameter)	Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.

---

grantRead(grantee)

public grantRead(grantee: IGrantable): Grant

Parameters

• grantee IGrantable

Returns

• Grant

Grants reading the secret to a principal.

---

static fromSecretsManager(secret, field?)

public static fromSecretsManager(secret: ISecret, field?: string): Secret

Parameters

• secret ISecret — the secret stored in AWS Secrets Manager.
• field string — the name of the field with the value that you want to set as the environment variable value.

Returns

• Secret

Creates a environment variable value from a secret stored in AWS Secrets Manager.

---

static fromSecretsManagerVersion(secret, versionInfo, field?)

public static fromSecretsManagerVersion(secret: ISecret, versionInfo: SecretVersionInfo, field?: string): Secret

Parameters

• secret ISecret — the secret stored in AWS Secrets Manager.
• versionInfo SecretVersionInfo — the version information to reference the secret.
• field string — the name of the field with the value that you want to set as the environment variable value.

Returns

• Secret

Creates a environment variable value from a secret stored in AWS Secrets Manager.

---

static fromSsmParameter(parameter)

public static fromSsmParameter(parameter: IParameter): Secret

Parameters

• parameter IParameter

Returns

• Secret

Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.