aws-cdk-lib.aws_ecs.Secret

class Secret

LanguageType name
.NETAmazon.CDK.AWS.ECS.Secret
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsecs#Secret
Javasoftware.amazon.awscdk.services.ecs.Secret
Pythonaws_cdk.aws_ecs.Secret
TypeScript (source)aws-cdk-lib » aws_ecs » Secret

A secret environment variable.

Example

declare const secret: secretsmanager.Secret;
declare const parameter: ssm.StringParameter;

const taskDefinition = new ecs.Ec2TaskDefinition(this, 'TaskDef');
taskDefinition.addContainer('TheContainer', {
  image: ecs.ContainerImage.fromRegistry('example-image'),
  memoryLimitMiB: 256,
  logging: ecs.LogDrivers.firelens({
    options: {
      // ... log driver options here ...
    },
    secretOptions: { // Retrieved from AWS Secrets Manager or AWS Systems Manager Parameter Store
      apikey: ecs.Secret.fromSecretsManager(secret),
      host: ecs.Secret.fromSsmParameter(parameter),
    },
  }),
});

Initializer

new Secret()

Properties

NameTypeDescription
arnstringThe ARN of the secret.
hasField?booleanWhether this secret uses a specific JSON field.

arn

Type: string

The ARN of the secret.


hasField?

Type: boolean (optional)

Whether this secret uses a specific JSON field.

Methods

NameDescription
grantRead(grantee)Grants reading the secret to a principal.
static fromSecretsManager(secret, field?)Creates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSecretsManagerVersion(secret, versionInfo, field?)Creates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSsmParameter(parameter)Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.

grantRead(grantee)

public grantRead(grantee: IGrantable): Grant

Parameters

  • grantee IGrantable

Returns

  • Grant

Grants reading the secret to a principal.


static fromSecretsManager(secret, field?)

public static fromSecretsManager(secret: ISecret, field?: string): Secret

Parameters

  • secret ISecret — the secret stored in AWS Secrets Manager.
  • field string — the name of the field with the value that you want to set as the environment variable value.

Returns

  • Secret

Creates a environment variable value from a secret stored in AWS Secrets Manager.


static fromSecretsManagerVersion(secret, versionInfo, field?)

public static fromSecretsManagerVersion(secret: ISecret, versionInfo: SecretVersionInfo, field?: string): Secret

Parameters

  • secret ISecret — the secret stored in AWS Secrets Manager.
  • versionInfo SecretVersionInfo — the version information to reference the secret.
  • field string — the name of the field with the value that you want to set as the environment variable value.

Returns

  • Secret

Creates a environment variable value from a secret stored in AWS Secrets Manager.


static fromSsmParameter(parameter)

public static fromSsmParameter(parameter: IParameter): Secret

Parameters

  • parameter IParameter

Returns

  • Secret

Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.