[aws-rds] type for input parameter for rds.Credentials.fromSecret should be ISecret
See original GitHub issueAs I understood here rds.Credentials.fromSecret(secret: secretsmanager.Secret) (link) expects a object with all the attributes of secretsmanager.Secret (link). Secret extends SecretBase . SecretBase extends Resource and implements ISecret (link). Therefore Secret has more mandatory attributes than ISecret. The function to create the Secret secretmanager.Secret.fromSecretName(scope: Construct, id: string, secretName: string): ISecret (link) return only an ISecret. When I now call the rds.Credentials.fromSecret(iSecretObject) this will never match as ISecret will always miss some attributes. So from my perspective if secretmanager.Secret.fromSecretName (link) can only return a secretsmanager.Secret then the return type should be Secret. Or if secretmanager.Secret.fromSecretName can return multiple “secret” types and all of those can be used for rds.Credentials.fromSecret(secret) then this should only expect a secret object of type ISecret.
Reproduction Steps
import * as cdk from '@aws-cdk/core';
import * as rds from '@aws-cdk/aws-rds';
import * as ec2 from '@aws-cdk/aws-ec2';
import * as secretsmanager from '@aws-cdk/aws-secretsmanager';
export class InfrastructureStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const vpc = ec2.Vpc.fromLookup(this, "VPC", {
isDefault: true
})
const engine = rds.DatabaseInstanceEngine.postgres({ version: rds.PostgresEngineVersion.VER_12_3 });
const mySecret = secretsmanager.Secret.fromSecretName(this, 'DBSecret', 'myDBLoginInfo');
new rds.DatabaseInstance(this, 'InstanceWithSecretLogin', {
engine,
vpc,
credentials: rds.Credentials.fromSecret(mySecret), // Get both username and password from existing secret
});
}
}
What did you expect to happen?
rds.Credentials.fromSecret should have accepted mySecret of type ISecret.
What actually happened?
TS2345: Argument of type 'ISecret' is not assignable to parameter of type 'Secret'.
Type 'ISecret' is missing the following properties from type 'Secret': autoCreatePolicy, addTargetAttachment, attach, validate, and 12 more.
48 credentials: rds.Credentials.fromSecret(dbSecret),TS2345: Argument of type 'ISecret' is not assignable to parameter of type 'Secret'.
Type 'ISecret' is missing the following properties from type 'Secret': autoCreatePolicy, addTargetAttachment, attach, validate, and 12 more.
48 credentials: rds.Credentials.fromSecret(dbSecret),
Environment
- CLI Version : 1.68
- Framework Version: 1.68
- Node.js Version: v12.19.0
- OS : OSX 10.15.6
- Language (Version): TypeScript (3.8.3)
Other
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 3 years ago
- Reactions:2
- Comments:6 (4 by maintainers)
Top GitHub Comments
@contrapunctus-xv we should have a release this week (before October 30).
@skinny85 what’s the release cadence for this project? Would love to have this fix in soon. Thank you and @dennisseidel