@aws-cdk_aws-apprunner-alpha.Secret

class Secret ๐Ÿ”น

LanguageType name
.NETAmazon.CDK.AWS.AppRunner.Alpha.Secret
Gogithub.com/aws/aws-cdk-go/awscdkapprunneralpha/v2#Secret
Javasoftware.amazon.awscdk.services.apprunner.alpha.Secret
Pythonaws_cdk.aws_apprunner_alpha.Secret
TypeScript (source)@aws-cdk/aws-apprunner-alpha ยป Secret

A secret environment variable.

Example

import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager';
import * as ssm from 'aws-cdk-lib/aws-ssm';

declare const stack: Stack;

const secret = new secretsmanager.Secret(stack, 'Secret');
const parameter = ssm.StringParameter.fromSecureStringParameterAttributes(stack, 'Parameter', {
  parameterName: '/name',
  version: 1,
});

const service = new apprunner.Service(stack, 'Service', {
  source: apprunner.Source.fromEcrPublic({
    imageConfiguration: {
      port: 8000,
      environmentSecrets: {
        SECRET: apprunner.Secret.fromSecretsManager(secret),
        PARAMETER: apprunner.Secret.fromSsmParameter(parameter),
        SECRET_ID: apprunner.Secret.fromSecretsManagerVersion(secret, { versionId: 'version-id' }),
        SECRET_STAGE: apprunner.Secret.fromSecretsManagerVersion(secret, { versionStage: 'version-stage' }),
      },
    },
    imageIdentifier: 'public.ecr.aws/aws-containers/hello-app-runner:latest',
  })
});

service.addSecret('LATER_SECRET', apprunner.Secret.fromSecretsManager(secret, 'field'));

Initializer

new Secret()

Properties

NameTypeDescription
arn๐Ÿ”นstringThe ARN of the secret.
hasField?๐Ÿ”นbooleanWhether this secret uses a specific JSON field.

arn๐Ÿ”น

Type: string

The ARN of the secret.


hasField?๐Ÿ”น

Type: boolean (optional)

Whether this secret uses a specific JSON field.

Methods

NameDescription
grantRead(grantee)๐Ÿ”นGrants reading the secret to a principal.
static fromSecretsManager(secret, field?)๐Ÿ”นCreates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSecretsManagerVersion(secret, versionInfo, field?)๐Ÿ”นCreates a environment variable value from a secret stored in AWS Secrets Manager.
static fromSsmParameter(parameter)๐Ÿ”นCreates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.

grantRead(grantee)๐Ÿ”น

public grantRead(grantee: IGrantable): Grant

Parameters

  • grantee IGrantable

Returns

  • Grant

Grants reading the secret to a principal.


static fromSecretsManager(secret, field?)๐Ÿ”น

public static fromSecretsManager(secret: ISecret, field?: string): Secret

Parameters

  • secret ISecret โ€” the secret stored in AWS Secrets Manager.
  • field string โ€” the name of the field with the value that you want to set as the environment variable value.

Returns

  • Secret

Creates a environment variable value from a secret stored in AWS Secrets Manager.


static fromSecretsManagerVersion(secret, versionInfo, field?)๐Ÿ”น

public static fromSecretsManagerVersion(secret: ISecret, versionInfo: SecretVersionInfo, field?: string): Secret

Parameters

  • secret ISecret โ€” the secret stored in AWS Secrets Manager.
  • versionInfo SecretVersionInfo โ€” the version information to reference the secret.
  • field string โ€” the name of the field with the value that you want to set as the environment variable value.

Returns

  • Secret

Creates a environment variable value from a secret stored in AWS Secrets Manager.


static fromSsmParameter(parameter)๐Ÿ”น

public static fromSsmParameter(parameter: IParameter): Secret

Parameters

  • parameter IParameter

Returns

  • Secret

Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.