AWS::Batch::JobDefinition Secret
An object that represents the secret to expose to your container. Secrets can be exposed to a container in the following ways:
-
To inject sensitive data into your containers as environment variables, use the
secrets
container definition parameter. -
To reference sensitive information in the log configuration of a container, use the
secretOptions
container definition parameter.
For more information, see Specifying sensitive data in the Amazon Batch User Guide.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
Properties
Name
-
The name of the secret.
Required: Yes
Type: String
Update requires: No interruption
ValueFrom
-
The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Amazon Secrets Manager secret or the full ARN of the parameter in the Amazon Systems Manager Parameter Store.
Note
If the Amazon Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
Required: Yes
Type: String
Update requires: No interruption