Secret
- class aws_cdk.aws_apprunner_alpha.Secret
Bases:
object
(experimental) A secret environment variable.
- Stability:
experimental
- ExampleMetadata:
infused
Example:
import aws_cdk.aws_secretsmanager as secretsmanager import aws_cdk.aws_ssm as ssm # stack: Stack secret = secretsmanager.Secret(stack, "Secret") parameter = ssm.StringParameter.from_secure_string_parameter_attributes(stack, "Parameter", parameter_name="/name", version=1 ) service = apprunner.Service(stack, "Service", source=apprunner.Source.from_ecr_public( image_configuration=apprunner.ImageConfiguration( port=8000, environment_secrets={ "SECRET": apprunner.Secret.from_secrets_manager(secret), "PARAMETER": apprunner.Secret.from_ssm_parameter(parameter), "SECRET_ID": apprunner.Secret.from_secrets_manager_version(secret, version_id="version-id"), "SECRET_STAGE": apprunner.Secret.from_secrets_manager_version(secret, version_stage="version-stage") } ), image_identifier="public.ecr.aws/aws-containers/hello-app-runner:latest" ) ) service.add_secret("LATER_SECRET", apprunner.Secret.from_secrets_manager(secret, "field"))
- Stability:
experimental
Methods
- abstract grant_read(grantee)
(experimental) Grants reading the secret to a principal.
- Parameters:
grantee (
IGrantable
) –- Stability:
experimental
- Return type:
Attributes
- arn
(experimental) The ARN of the secret.
- Stability:
experimental
- has_field
(experimental) Whether this secret uses a specific JSON field.
- Stability:
experimental
Static Methods
- classmethod from_secrets_manager(secret, field=None)
(experimental) Creates a environment variable value from a secret stored in AWS Secrets Manager.
- Parameters:
secret (
ISecret
) – the secret stored in AWS Secrets Manager.field (
Optional
[str
]) – the name of the field with the value that you want to set as the environment variable value. Only values in JSON format are supported. If you do not specify a JSON field, then the full content of the secret is used.
- Stability:
experimental
- Return type:
- classmethod from_secrets_manager_version(secret, version_info, field=None)
(experimental) Creates a environment variable value from a secret stored in AWS Secrets Manager.
- Parameters:
secret (
ISecret
) – the secret stored in AWS Secrets Manager.version_info (
Union
[SecretVersionInfo
,Dict
[str
,Any
]]) – the version information to reference the secret.field (
Optional
[str
]) – the name of the field with the value that you want to set as the environment variable value. Only values in JSON format are supported. If you do not specify a JSON field, then the full content of the secret is used.
- Stability:
experimental
- Return type:
- classmethod from_ssm_parameter(parameter)
(experimental) Creates an environment variable value from a parameter stored in AWS Systems Manager Parameter Store.
- Parameters:
parameter (
IParameter
) –- Stability:
experimental
- Return type: