secretsmanager.Secret support name prefix on creation
I’d like to be able to call:
this.secret = new secretsmanager.Secret(this, "somesecret", {
prefix: "/production/MyApp/"
})
That way I still get a unique name but I can have an app specific prefix to make it easier to find my secret.
Use Case
I don’t want to specify a name for my secret - I want the autogenerated one. I do want my secret to be name spaced to the prefix I use for other components.
Proposed Solution
To accept a prefix:
e.g.
constructor(scope: Construct, id: string, props: SecretProps = {}) {
  super(scope, id, {
    // Prepend the optional prefix to the secret name
    physicalName: `${props.secretPrefix || ""}${props.secretName}`,
  });
}
I’m not really sure if that is the right way to do it - I am not a TypeScript expert.
Other
- 👋 I may be able to implement this feature request
- ⚠️ This feature might incur a breaking change
This is a 🚀 Feature Request
Issue Analytics
- State:
- Created 3 years ago
- Comments:13 (6 by maintainers)
Top GitHub Comments
@skinny85 We have other pieces of code that use discovery of “known” secret names. So not being able to lookup a secret by name because of the random added suffix breaks that flow. This is a pretty standard use of a secret store from my perspective. In any case, I’ve found a way to do what I wanted using the SecretStringValueBeta1 class in aws-cdk-lib/aws-secretsmanager lib. This code lets us create secret names and values of our choosing without the added random characters that otherwise would have been added.
No, it is not possible. This is just how the SecretsManager service works; there is nothing CDK-specific here (using secretName and Secret will result in the same random suffix being added to the ARN). May I ask why is the suffix a problem?
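The following is an added example, not part of the thread and not aws-cdk code: a dependency-free sketch of a namespaced but still unique secret name, plus recovery of that name from an ARN carrying the random suffix discussed above. All function names are hypothetical; the sample construct paths and the ARN in the comments are constructed, and FNV-1a stands in for whatever uniqueness scheme a real implementation would use.

```typescript
// Added example, not aws-cdk code; all function names here are hypothetical.

// Secrets Manager secret names: ASCII letters, digits and /_+=.@- (max 512 chars).
const NAME_CHARS = /^[A-Za-z0-9\/_+=.@-]+$/;
// The service appends "-" plus six random characters to the name in the ARN.
const ARN_SUFFIX = /-[A-Za-z0-9]{6}$/;

// Reject names the service would refuse, and names that already end like an
// ARN suffix (these make partial-ARN lookups ambiguous).
function validateSecretName(name: string): string {
  if (name.length > 512 || !NAME_CHARS.test(name)) {
    throw new Error(`invalid secret name: ${name}`);
  }
  if (ARN_SUFFIX.test(name)) {
    throw new Error(`name ends like an ARN suffix: ${name}`);
  }
  return name;
}

// FNV-1a (32-bit): non-cryptographic, used only to derive a stable unique tag.
function fnv1a(input: string): string {
  let h = 0x811c9dc5;
  for (let i = 0; i < input.length; i++) {
    h ^= input.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return ("00000000" + h.toString(16)).slice(-8);
}

// "<prefix><construct id>-<8 hex chars>", stable for a given construct path
// (e.g. the constructed path "StackA/somesecret").
function prefixedSecretName(prefix: string, constructPath: string): string {
  const segments = constructPath.split("/");
  const id = segments[segments.length - 1];
  const ns = prefix === "" || prefix.slice(-1) === "/" ? prefix : prefix + "/";
  return validateSecretName(`${ns}${id}-${fnv1a(constructPath)}`);
}

// Recover the secret name from a full ARN by dropping the random suffix.
function secretNameFromArn(arn: string): string {
  const parts = arn.split(":");
  if (parts.length !== 7 || parts[2] !== "secretsmanager" || parts[5] !== "secret") {
    throw new Error(`not a Secrets Manager secret ARN: ${arn}`);
  }
  const m = /^(.+)-[A-Za-z0-9]{6}$/.exec(parts[6]);
  if (!m) throw new Error(`ARN has no random suffix: ${arn}`);
  return m[1];
}
```

In a CDK app the string returned by `prefixedSecretName` would be the value passed as `secretName`; the tag is eight characters so the name itself never ends in a hyphen followed by six characters.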