q

    quaint-river-59320

    5 months ago
    Good morning. Trying to generate a random password for an RDS database and then save the password as a secret to AWS Secret Manager. The secret gets created, but the password is always "{}". What am I doing wrong?
    //Create RDS Secret
            var config = new Pulumi.Config();
            string dbUser = config.Get("rdsUser").ToString();
    
            var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
            {
                Length = 16,
                Special = true
            });
    
    
    
            var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");
            var secretObject = new
            {
                UserName = dbUser,
                Password = password.Result,
                Endpoint = "test"
            };
    b

    billowy-army-68599

    5 months ago
    @quaint-river-59320 you need to create a
    SecretVersion
    https://www.pulumi.com/registry/packages/aws/api-docs/secretsmanager/secretversion/ store the password in there. the
    SecretsManager.Secret
    just creates a container to store secrets
    q

    quaint-river-59320

    5 months ago
    Thank you, I hadn't actually put in all my code... What I was trying to do is create a JSON object and store that as the secret (since the AWS secrets key/values are stored as json). If I don't do the json serialization, it works.
    //Create RDS Secret
            var config = new Pulumi.Config();
            string dbUser = config.Get("rdsUser").ToString();
    
            var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
            {
                Length = 16,
                Special = true
            });
    
    
    
            var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");
            var secretObject = new
            {
                UserName = dbUser,
                Password = password.Result,
                Endpoint = "test"
            };
    
    
            string jsonData = JsonConvert.SerializeObject(secretObject);
           // Create secret version
            var secretVersion = new AwsClassic.SecretsManager.SecretVersion("secretVersion", new AwsClassic.SecretsManager.SecretVersionArgs
            {
                SecretId = rdsSecret.Id,
                SecretString = jsonData,
            });
    b

    billowy-army-68599

    5 months ago
    @quaint-river-59320 you'll need to use an
    apply
    to do the JSON serialization
    q

    quaint-river-59320

    5 months ago
    Same result with the apply
    //Create RDS Secret
            var config = new Pulumi.Config();
            string dbUser = config.Get("rdsUser").ToString();
    
            var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
            {
                Length = 16,
                Special = true
            });
    
    
    
            var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");
    
            var secretObject = new
            {
                UserName = dbUser,
                Password = password.Result.Apply(p => $"{p}"),
                Endpoint = "test"
            };
    
    
            string jsonData = JsonConvert.SerializeObject(secretObject);
           // Create secret version
            var secretVersion = new AwsClassic.SecretsManager.SecretVersion("secretVersion", new AwsClassic.SecretsManager.SecretVersionArgs
            {
                SecretId = rdsSecret.Id,
                SecretString = jsonData,
            });
    b

    billowy-army-68599

    5 months ago
    sorry, you'll need to do:
    var secretVersion = new AwsClassic.SecretsManager.SecretVersion("secretVersion", new AwsClassic.SecretsManager.SecretVersionArgs
            {
                SecretId = rdsSecret.Id,
                SecretString = password.Result.Apply(JsonConvert.SerializeObject(secretObject))
    
            });
    I'm not great with C#, but hopefully you get the idea
    you need to take the output, use an
    Apply
    to create an JSON object, and then pass that to secretsmanager
    the JSON object creation needs to happen inside the Apply
    q

    quaint-river-59320

    5 months ago
    Ahh. I'll give that a go.
    Got it. Thank you.
    b

    billowy-army-68599

    5 months ago
    that worked?
    q

    quaint-river-59320

    5 months ago
    Yes. That worked. I created a function that I called with Apply.
    Thanks for your help.