Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Secret Manager generateSecretString and generateStringKey must be specified together

See original GitHub issue

Secret manager Secret creation in the cdk require to mention both generateSecretString and generateStringKey together. This is not required in cloudformation.

I can help implementing if needed I just posted it not to forget.

Reproduction Steps

       import * as cdkSecret from '@aws-cdk/aws-secretsmanager';

        new cdkSecret.Secret(
          this, 'Secret' + instance, {
          generateSecretString: {
            secretStringTemplate: JSON.stringify({ 
              username: "hello-secret",
            }),
            // generateStringKey should't be required 
            generateStringKey: 'tmp'
          }
        });

This is 🐛 Bug Report

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
pushthatcommented, Feb 5, 2020

You could for example aggregate multiple secrets from other secrets into one big. I see what you sent in the documentation @jogold however this template is valid and deploy in cloudformation :

  Secret: 
    Type: AWS::SecretsManager::Secret 
    Properties: 
      Description: "my description" 
      Name:  "test"
      GenerateSecretString: 
        SecretStringTemplate: !Sub '{"username": "test"}'

There’s an inconsistency between cdk and cloudformation.

0reactions
pushthatcommented, Feb 5, 2020

Seams that now it is consistent

Read more comments on GitHub >

github_iconTop Results From Across the Web

AWS::SecretsManager::Secret GenerateSecretString
Generates a random password. We recommend that you specify the maximum length and include every character type that the system you are generating...
Read more >
Using AWS Secrets manager's Secret in Cloudformation
Yes, you need to use Roles for EC2 to setup permissions for the instance to access the secret. You can find more details...
Read more >
awssecretsmanager - Go Packages
The `AWS::SecretsManager::SecretTargetAttachment` resource completes the final link between a Secrets Manager secret and the associated database by adding the ...
Read more >
AWS::SecretsManager::Secret - Amazon CloudFormation
A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the...
Read more >
AWS Secrets Manager: Create and Rotate secrets automatically
Description: 'Secret with dynamically generated password.' GenerateSecretString: RequireEachIncludedType: True SecretStringTemplate: '{"username": "MyDBAdmin"}'
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

KMS - Ability to import an AWS managed key by its alias

Next page

Provide more grant APIs for the StateMachine construct