Specifying sensitive data - AWS Batch

Specifying sensitive data

AWS Batch enables you to inject sensitive data into your jobs by storing your sensitive data in either AWS Secrets Manager secrets or AWS Systems Manager Parameter Store parameters and then referencing them in your job definition.

Secrets can be exposed to a job in the following ways:

  • To inject sensitive data into your containers as environment variables, use the secrets job definition parameter.

  • To reference sensitive information in the log configuration of a job, use the secretOptions job definition parameter.