Blogpost: ECS Fargate Passing secrets: DB credentials import in CDK
| // file: lib/db-credentials-stack.ts | |
| import { ISecret, Secret } from "@aws-cdk/aws-secretsmanager"; | |
| import * as cdk from "@aws-cdk/core"; | |
| export interface DBCredentials { | |
| username: ISecret; | |
| password: ISecret; | |
| } | |
| export class DbCredentialsStack extends cdk.Stack { | |
| readonly dbCredentials: { username: ISecret; password: ISecret }; | |
| constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { | |
| super(scope, id, props); | |
| const secretUsername = Secret.fromSecretArn( | |
| this, | |
| "BackendPersistenceUsername", | |
| // replace the ARN with your actual one for your username secret | |
| `arn:aws:secretsmanager:${this.region}:${this.account}:secret:prod/backend/rds/username-<UNIQUE_ID>` | |
| ); | |
| const secretPassword = Secret.fromSecretArn( | |
| this, | |
| "BackendPersistencePassword", | |
| // replace the ARN with your actual one for your password secret | |
| `arn:aws:secretsmanager:${this.region}:${this.account}:secret:prod/backend/rds/password-<UNIQUE_ID>` | |
| ); | |
| this.dbCredentials = { | |
| username: secretUsername, | |
| password: secretPassword, | |
| }; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment