Passing sensitive data to a container - Amazon Elastic Container Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

Passing sensitive data to a container

You can use Amazon ECS to inject sensitive data into your containers by storing your sensitive data in either Amazon Secrets Manager secrets or Amazon Systems Manager Parameter Store parameters and then referencing them in your container definition.

Secrets can be exposed to a container in the following ways:

  • To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.

  • To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.