Class Secret
A secret environment variable.
Inheritance
Namespace: Amazon.CDK.AWS.ECS
Assembly: Amazon.CDK.AWS.ECS.dll
Syntax (csharp)
public abstract class Secret : DeputyBase
Syntax (vb)
Public MustInherit Class Secret
Inherits DeputyBase
Remarks
ExampleMetadata: infused
Examples
Secret secret;
Secret dbSecret;
StringParameter parameter;
TaskDefinition taskDefinition;
Bucket s3Bucket;
var newContainer = taskDefinition.AddContainer("container", new ContainerDefinitionOptions {
Image = ContainerImage.FromRegistry("amazon/amazon-ecs-sample"),
MemoryLimitMiB = 1024,
Environment = new Dictionary<string, string> { // clear text, not for sensitive data
{ "STAGE", "prod" } },
EnvironmentFiles = new [] { EnvironmentFile.FromAsset("./demo-env-file.env"), EnvironmentFile.FromBucket(s3Bucket, "assets/demo-env-file.env") },
Secrets = new Dictionary<string, Secret> { // Retrieved from AWS Secrets Manager or AWS Systems Manager Parameter Store at container start-up.
{ "SECRET", Secret.FromSecretsManager(secret) },
{ "DB_PASSWORD", Secret.FromSecretsManager(dbSecret, "password") }, // Reference a specific JSON field, (requires platform version 1.4.0 or later for Fargate tasks)
{ "API_KEY", Secret.FromSecretsManagerVersion(secret, new SecretVersionInfo { VersionId = "12345" }, "apiKey") }, // Reference a specific version of the secret by its version id or version stage (requires platform version 1.4.0 or later for Fargate tasks)
{ "PARAMETER", Secret.FromSsmParameter(parameter) } }
});
newContainer.AddEnvironment("QUEUE_NAME", "MyQueue");
Synopsis
Constructors
Secret() | |
Secret(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
Secret(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
Arn | The ARN of the secret. |
HasField | Whether this secret uses a specific JSON field. |
Methods
FromSecretsManager(ISecret, String) | Creates a environment variable value from a secret stored in AWS Secrets Manager. |
FromSecretsManagerVersion(ISecret, ISecretVersionInfo, String) | Creates a environment variable value from a secret stored in AWS Secrets Manager. |
FromSsmParameter(IParameter) | Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store. |
GrantRead(IGrantable) | Grants reading the secret to a principal. |
Constructors
Secret()
protected Secret()
Secret(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected Secret(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
Secret(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected Secret(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
Arn
The ARN of the secret.
public abstract string Arn { get; }
Property Value
System.String
HasField
Whether this secret uses a specific JSON field.
public abstract Nullable<bool> HasField { get; }
Property Value
System.Nullable<System.Boolean>
Methods
FromSecretsManager(ISecret, String)
Creates a environment variable value from a secret stored in AWS Secrets Manager.
public static Secret FromSecretsManager(ISecret secret, string field = null)
Parameters
- secret ISecret
the secret stored in AWS Secrets Manager.
- field System.String
the name of the field with the value that you want to set as the environment variable value.
Returns
FromSecretsManagerVersion(ISecret, ISecretVersionInfo, String)
Creates a environment variable value from a secret stored in AWS Secrets Manager.
public static Secret FromSecretsManagerVersion(ISecret secret, ISecretVersionInfo versionInfo, string field = null)
Parameters
- secret ISecret
the secret stored in AWS Secrets Manager.
- versionInfo ISecretVersionInfo
the version information to reference the secret.
- field System.String
the name of the field with the value that you want to set as the environment variable value.
Returns
FromSsmParameter(IParameter)
Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.
public static Secret FromSsmParameter(IParameter parameter)
Parameters
- parameter IParameter
Returns
GrantRead(IGrantable)
Grants reading the secret to a principal.
public abstract Grant GrantRead(IGrantable grantee)
Parameters
- grantee IGrantable
Returns