https://pulumi.com logo
Join Slack
Powered by
Good morning. Trying to generate a random passwor...
# getting-started
q
Good morning. Trying to generate a random password for an RDS database and then save the password as a secret to AWS Secret Manager. The secret gets created, but the password is always "{}". What am I doing wrong?
Copy code
//Create RDS Secret
        var config = new Pulumi.Config();
        string dbUser = config.Get("rdsUser").ToString();

        var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
        {
            Length = 16,
            Special = true
        });



        var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");
        var secretObject = new
        {
            UserName = dbUser,
            Password = password.Result,
            Endpoint = "test"
        };
b
@quaint-river-59320 you need to create a 
SecretVersion
https://www.pulumi.com/registry/packages/aws/api-docs/secretsmanager/secretversion/ store the password in there. the 
SecretsManager.Secret
just creates a container to store secrets
q
Thank you, I hadn't actually put in all my code... What I was trying to do is create a JSON object and store that as the secret (since the AWS secrets key/values are stored as json). If I don't do the json serialization, it works.
Copy code
//Create RDS Secret
        var config = new Pulumi.Config();
        string dbUser = config.Get("rdsUser").ToString();

        var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
        {
            Length = 16,
            Special = true
        });



        var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");
        var secretObject = new
        {
            UserName = dbUser,
            Password = password.Result,
            Endpoint = "test"
        };


        string jsonData = JsonConvert.SerializeObject(secretObject);
       // Create secret version
        var secretVersion = new AwsClassic.SecretsManager.SecretVersion("secretVersion", new AwsClassic.SecretsManager.SecretVersionArgs
        {
            SecretId = rdsSecret.Id,
            SecretString = jsonData,
        });
b
@quaint-river-59320 you'll need to use an 
apply
to do the JSON serialization
q
Same result with the apply
Copy code
//Create RDS Secret
        var config = new Pulumi.Config();
        string dbUser = config.Get("rdsUser").ToString();

        var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
        {
            Length = 16,
            Special = true
        });



        var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");

        var secretObject = new
        {
            UserName = dbUser,
            Password = password.Result.Apply(p => $"{p}"),
            Endpoint = "test"
        };


        string jsonData = JsonConvert.SerializeObject(secretObject);
       // Create secret version
        var secretVersion = new AwsClassic.SecretsManager.SecretVersion("secretVersion", new AwsClassic.SecretsManager.SecretVersionArgs
        {
            SecretId = rdsSecret.Id,
            SecretString = jsonData,
        });
b
sorry, you'll need to do:
Copy code
var secretVersion = new AwsClassic.SecretsManager.SecretVersion("secretVersion", new AwsClassic.SecretsManager.SecretVersionArgs
        {
            SecretId = rdsSecret.Id,
            SecretString = password.Result.Apply(JsonConvert.SerializeObject(secretObject))

        });
I'm not great with C#, but hopefully you get the idea
you need to take the output, use an 
Apply
to create an JSON object, and then pass that to secretsmanager
the JSON object creation needs to happen inside the Apply
q
Ahh. I'll give that a go.
Got it. Thank you.
b
that worked?
q
Yes. That worked. I created a function that I called with Apply.
Thanks for your help.
4 Views
Open in Slack
PreviousNext
Powered by