software.amazon.awscdk.services.ecs

Class Secret

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.ecs.Secret

@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)",
           date="2022-09-28T18:14:44.994Z")
public abstract class Secret
extends software.amazon.jsii.JsiiObject

A secret environment variable.

Example:

 Secret secret;
 Secret dbSecret;
 StringParameter parameter;
 TaskDefinition taskDefinition;
 Bucket s3Bucket;
 ContainerDefinition newContainer = taskDefinition.addContainer("container", ContainerDefinitionOptions.builder()
         .image(ContainerImage.fromRegistry("amazon/amazon-ecs-sample"))
         .memoryLimitMiB(1024)
         .environment(Map.of( // clear text, not for sensitive data
                 "STAGE", "prod"))
         .environmentFiles(List.of(EnvironmentFile.fromAsset("./demo-env-file.env"), EnvironmentFile.fromBucket(s3Bucket, "assets/demo-env-file.env")))
         .secrets(Map.of( // Retrieved from AWS Secrets Manager or AWS Systems Manager Parameter Store at container start-up.
                 "SECRET", Secret.fromSecretsManager(secret),
                 "DB_PASSWORD", Secret.fromSecretsManager(dbSecret, "password"),  // Reference a specific JSON field, (requires platform version 1.4.0 or later for Fargate tasks)
                 "API_KEY", Secret.fromSecretsManagerVersion(secret, SecretVersionInfo.builder().versionId("12345").build(), "apiKey"),  // Reference a specific version of the secret by its version id or version stage (requires platform version 1.4.0 or later for Fargate tasks)
                 "PARAMETER", Secret.fromSsmParameter(parameter)))
         .build());
 newContainer.addEnvironment("QUEUE_NAME", "MyQueue");
 

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	Secret()
protected	Secret(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	Secret(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
static Secret	fromSecretsManager(ISecret secret) Creates a environment variable value from a secret stored in AWS Secrets Manager.
static Secret	fromSecretsManager(ISecret secret, java.lang.String field) Creates a environment variable value from a secret stored in AWS Secrets Manager.
static Secret	fromSecretsManagerVersion(ISecret secret, SecretVersionInfo versionInfo) Creates a environment variable value from a secret stored in AWS Secrets Manager.
static Secret	fromSecretsManagerVersion(ISecret secret, SecretVersionInfo versionInfo, java.lang.String field) Creates a environment variable value from a secret stored in AWS Secrets Manager.
static Secret	fromSsmParameter(IParameter parameter) Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.
abstract java.lang.String	getArn() The ARN of the secret.
abstract java.lang.Boolean	getHasField() Whether this secret uses a specific JSON field.
abstract Grant	grantRead(IGrantable grantee) Grants reading the secret to a principal.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Secret

protected Secret(software.amazon.jsii.JsiiObjectRef objRef)

Secret

protected Secret(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

Secret

protected Secret()

Method Detail

fromSecretsManager

public static Secret fromSecretsManager(ISecret secret,
                                        java.lang.String field)

Creates a environment variable value from a secret stored in AWS Secrets Manager.

Parameters:

secret - the secret stored in AWS Secrets Manager. This parameter is required.

field - the name of the field with the value that you want to set as the environment variable value.

fromSecretsManager

public static Secret fromSecretsManager(ISecret secret)

Creates a environment variable value from a secret stored in AWS Secrets Manager.

Parameters:

secret - the secret stored in AWS Secrets Manager. This parameter is required.

fromSecretsManagerVersion

public static Secret fromSecretsManagerVersion(ISecret secret,
                                               SecretVersionInfo versionInfo,
                                               java.lang.String field)

Creates a environment variable value from a secret stored in AWS Secrets Manager.

Parameters:

secret - the secret stored in AWS Secrets Manager. This parameter is required.

versionInfo - the version information to reference the secret. This parameter is required.

field - the name of the field with the value that you want to set as the environment variable value.

fromSecretsManagerVersion

public static Secret fromSecretsManagerVersion(ISecret secret,
                                               SecretVersionInfo versionInfo)

Creates a environment variable value from a secret stored in AWS Secrets Manager.

Parameters:

secret - the secret stored in AWS Secrets Manager. This parameter is required.

versionInfo - the version information to reference the secret. This parameter is required.

fromSsmParameter

public static Secret fromSsmParameter(IParameter parameter)

Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.

Parameters:

parameter - This parameter is required.

grantRead

public abstract Grant grantRead(IGrantable grantee)

Grants reading the secret to a principal.

Parameters:

grantee - This parameter is required.

getArn

public abstract java.lang.String getArn()

The ARN of the secret.

getHasField

public abstract java.lang.Boolean getHasField()

Whether this secret uses a specific JSON field.