This message was deleted.

sparse-intern-71089

03/16/2021, 10:00 AM

This message was deleted.

colossal-australia-65039

03/16/2021, 4:47 PM

you can create a AWS secrets manager resource and then reference the arn of that resource in your fargate task definition

Copy code

"secrets": [
        {
          "name": "DATABASE_PASSWORD",
          "valueFrom": "arn:aws:secretsmanager:us-east-1:awsExampleAccountID:parameter/awsExampleParameter"
        }
      ]

numerous-psychiatrist-20856

03/16/2021, 5:06 PM

Cheers Mike. That’s helpful 🙂

👍 1

little-cartoon-10569

03/16/2021, 8:33 PM

FYI Pulumi secrets are only secret between where they're persisted, and your code. Once your code puts them somewhere, they're unencrypted. Generally solutions like Mike's are the way to go: the secret is secret in AWS's storage and used by AWS services.

numerous-psychiatrist-20856

03/18/2021, 10:48 AM

That makes sense and was my understanding (thank you for clarifying though 🙂 )

numerous-psychiatrist-20856

03/18/2021, 10:49 AM

and it turned out to be dead easy to set it as ssm parameter, so now I know how to solve it seems obvious

👍 1

Open in Slack

Previous Next

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.