interface SecretVersionInfo
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.ECS.SecretVersionInfo |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsecs#SecretVersionInfo |
Java | software.amazon.awscdk.services.ecs.SecretVersionInfo |
Python | aws_cdk.aws_ecs.SecretVersionInfo |
TypeScript (source) | aws-cdk-lib » aws_ecs » SecretVersionInfo |
Specify the secret's version id or version stage.
Example
declare const secret: secretsmanager.Secret;
declare const dbSecret: secretsmanager.Secret;
declare const parameter: ssm.StringParameter;
declare const taskDefinition: ecs.TaskDefinition;
declare const s3Bucket: s3.Bucket;
const newContainer = taskDefinition.addContainer('container', {
image: ecs.ContainerImage.fromRegistry("amazon/amazon-ecs-sample"),
memoryLimitMiB: 1024,
environment: { // clear text, not for sensitive data
STAGE: 'prod',
},
environmentFiles: [ // list of environment files hosted either on local disk or S3
ecs.EnvironmentFile.fromAsset('./demo-env-file.env'),
ecs.EnvironmentFile.fromBucket(s3Bucket, 'assets/demo-env-file.env'),
],
secrets: { // Retrieved from AWS Secrets Manager or AWS Systems Manager Parameter Store at container start-up.
SECRET: ecs.Secret.fromSecretsManager(secret),
DB_PASSWORD: ecs.Secret.fromSecretsManager(dbSecret, 'password'), // Reference a specific JSON field, (requires platform version 1.4.0 or later for Fargate tasks)
API_KEY: ecs.Secret.fromSecretsManagerVersion(secret, { versionId: '12345' }, 'apiKey'), // Reference a specific version of the secret by its version id or version stage (requires platform version 1.4.0 or later for Fargate tasks)
PARAMETER: ecs.Secret.fromSsmParameter(parameter),
},
});
newContainer.addEnvironment('QUEUE_NAME', 'MyQueue');
newContainer.addSecret('API_KEY', ecs.Secret.fromSecretsManager(secret));
newContainer.addSecret('DB_PASSWORD', ecs.Secret.fromSecretsManager(secret, 'password'));
Properties
Name | Type | Description |
---|---|---|
version | string | version id of the secret. |
version | string | version stage of the secret. |
versionId?
Type:
string
(optional, default: use default version id)
version id of the secret.
versionStage?
Type:
string
(optional, default: use default version stage)
version stage of the secret.