Skip to content

Instantly share code, notes, and snippets.

@michaelfecher
Created July 25, 2020 15:42
Show Gist options
  • Save michaelfecher/40b7b4b04ec02baadba95b16de3a0815 to your computer and use it in GitHub Desktop.
Save michaelfecher/40b7b4b04ec02baadba95b16de3a0815 to your computer and use it in GitHub Desktop.
Blogpost: ECS Fargate Passing secrets: DB credentials import in CDK
// file: lib/db-credentials-stack.ts
import { ISecret, Secret } from "@aws-cdk/aws-secretsmanager";
import * as cdk from "@aws-cdk/core";
export interface DBCredentials {
username: ISecret;
password: ISecret;
}
export class DbCredentialsStack extends cdk.Stack {
readonly dbCredentials: { username: ISecret; password: ISecret };
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const secretUsername = Secret.fromSecretArn(
this,
"BackendPersistenceUsername",
// replace the ARN with your actual one for your username secret
`arn:aws:secretsmanager:${this.region}:${this.account}:secret:prod/backend/rds/username-<UNIQUE_ID>`
);
const secretPassword = Secret.fromSecretArn(
this,
"BackendPersistencePassword",
// replace the ARN with your actual one for your password secret
`arn:aws:secretsmanager:${this.region}:${this.account}:secret:prod/backend/rds/password-<UNIQUE_ID>`
);
this.dbCredentials = {
username: secretUsername,
password: secretPassword,
};
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment