aws_secretsmanager: fromSecretNameV2 doesn't work


What is the problem?

Given this code:

my_secret = secretsmanager.Secret.from_secret_name_v2(
    self, "my_secret",
    secret_name="hello"
)
my_secret.grant_read(s3_event_handler)

The resulting IAM policy has a bunch of question marks in it:

          - Action:
              - secretsmanager:GetSecretValue
              - secretsmanager:DescribeSecret
            Effect: Allow
            Resource:
              Fn::Join:
                - ""
                - - "arn:"
                  - Ref: AWS::Partition
                  - :secretsmanager:eu-west-1:123123123123:secret:hello-??????

which is invalid

Reproduction Steps

see above

What did you expect to happen?

Valid IAM policy

What actually happened?

Invalid IAM policy

CDK CLI Version

2.8.0 (build 8a5eb49)

Framework Version

2.8.0

Node.js Version

v14.18.3

OS

Ubuntu 20.04.3 LTS

Language

Python

Language Version

No response

Other information

No response

Issue Analytics

  • State: closed
  • Created 2 years ago
  • Comments: 22 (4 by maintainers)

Top GitHub Comments

3 reactions
tdalbo92 commented, Dec 10, 2022

This regression broke all of our new deployments - no change on our end, and existing deployments work fine (we’re using CDK to deploy into ECS Fargate). But anything new fails.

2 reactions
frjonsen commented, Nov 18, 2022

This really shouldn’t be closed. I’m encountering the same error. Trying to import using fromSecretNameV2 results in an incomplete ARN.
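
IAM `Resource` patterns treat `?` as a wildcard for exactly one character and `*` as any run of characters, and Secrets Manager appends a hyphen and six random characters to the secret name in a secret's complete ARN. The following is an added example (not code from the issue or from the CDK project) that implements that matching for the `Resource` value shown in the issue; the helper names and sample ARNs are constructed for illustration, and the partition is assumed to resolve to `aws`.

```python
import re

def iam_pattern_to_regex(pattern: str) -> re.Pattern:
    """Translate an IAM Resource pattern: '*' is any run, '?' is exactly one character."""
    parts = []
    for ch in pattern:
        if ch == "*":
            parts.append(".*")
        elif ch == "?":
            parts.append(".")
        else:
            parts.append(re.escape(ch))
    return re.compile("".join(parts), re.DOTALL)

def resource_matches(pattern: str, arn: str) -> bool:
    """True when the whole ARN string is covered by the Resource pattern."""
    return iam_pattern_to_regex(pattern).fullmatch(arn) is not None

# Resource from the synthesized policy in the issue, partition assumed to be "aws".
PREFIX = "arn:aws:secretsmanager:eu-west-1:123123123123:secret:"
POLICY_RESOURCE = PREFIX + "hello-??????"

# Constructed sample ARNs; the six-character suffixes are made up.
SAMPLES = {
    "complete ARN of secret 'hello'": PREFIX + "hello-AbCdEf",
    "partial ARN (name only, no suffix)": PREFIX + "hello",
    "complete ARN of secret 'hello-world'": PREFIX + "hello-world-Xy12Zq",
    "complete ARN of secret 'hello2'": PREFIX + "hello2-AbCdEf",
}

def evaluate(pattern: str, samples: dict) -> dict:
    """Map each sample label to whether the policy Resource would cover it."""
    return {label: resource_matches(pattern, arn) for label, arn in samples.items()}

if __name__ == "__main__":
    for label, covered in evaluate(POLICY_RESOURCE, SAMPLES).items():
        print(f"{'match   ' if covered else 'no match'}  {label}")
```

Only the complete ARN of the secret named `hello` is covered; a request that names the secret by a partial ARN without the suffix is not.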
