Blogpost: ECS Fargate Passing secrets: DB credentials import in CDK
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // file: lib/db-credentials-stack.ts | |
| import { ISecret, Secret } from "@aws-cdk/aws-secretsmanager"; | |
| import * as cdk from "@aws-cdk/core"; | |
| export interface DBCredentials { | |
| username: ISecret; | |
| password: ISecret; | |
| } | |
| export class DbCredentialsStack extends cdk.Stack { | |
| readonly dbCredentials: { username: ISecret; password: ISecret }; | |
| constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) { | |
| super(scope, id, props); | |
| const secretUsername = Secret.fromSecretArn( | |
| this, | |
| "BackendPersistenceUsername", | |
| // replace the ARN with your actual one for your username secret | |
| `arn:aws:secretsmanager:${this.region}:${this.account}:secret:prod/backend/rds/username-<UNIQUE_ID>` | |
| ); | |
| const secretPassword = Secret.fromSecretArn( | |
| this, | |
| "BackendPersistencePassword", | |
| // replace the ARN with your actual one for your password secret | |
| `arn:aws:secretsmanager:${this.region}:${this.account}:secret:prod/backend/rds/password-<UNIQUE_ID>` | |
| ); | |
| this.dbCredentials = { | |
| username: secretUsername, | |
| password: secretPassword, | |
| }; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment