aws_secretsmanager: fromSecretNameV2 doesnt work
See original GitHub issueWhat is the problem?
Given this code:
my_secret = secretsmanager.Secret.from_secret_name_v2(
self, "my_secret",
secret_name="hello"
)
my_secret.grant_read(s3_event_handler)
the resulting iam policy has a bunch of question marks in it:
- Action:
- secretsmanager:GetSecretValue
- secretsmanager:DescribeSecret
Effect: Allow
Resource:
Fn::Join:
- ""
- - "arn:"
- Ref: AWS::Partition
- :secretsmanager:eu-west-1:123123123123:secret:hello-??????
which is invalid
Reproduction Steps
see above
What did you expect to happen?
valid iam policy
What actually happened?
invalid iam policy
CDK CLI Version
2.8.0 (build 8a5eb49)
Framework Version
2.8.0
Node.js Version
v14.18.3
OS
Ubuntu 20.04.3 LTS
Language
Python
Language Version
No response
Other information
No response
Issue Analytics
- State:
- Created 2 years ago
- Comments:22 (4 by maintainers)
Top Results From Across the Web
Troubleshooting AWS Secrets Manager
Use the information here to help you diagnose and fix issues that you might encounter when you're working with Secrets Manager.
Read more >AWS SecretsManager value won't resolve
Now that I'm trying to load the values from a secret, it is not working. The problem is that I cannot parse the...
Read more >awssecretsmanager
import secretsmanager "github.com/aws/aws-cdk-go/awscdk" ... If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you ...
Read more >@aws-cdk/aws-secretsmanager | Yarn - Package Manager
AWS Secrets Manager Construct Library. cfn-resources: Stable. cdk-constructs: Stable. import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; ...
Read more >Deploying Metabase into your AWS/RDS environment
I am greenfielding a new product at work. ... CDK.AWS.SecretsManager.Secret.FromSecretNameV2( this , "DBSecret" , "metabase" );.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
This regression broke all of our new deployments - no change on our end, and existing deployments work fine (we’re using CDK to deploy into ECS Fargate). But anything new fails.
This really shouldn’t be closed. I’m encountering the same error. Trying to import using fromSecretNameV2 result in an incomplete ARN.