How can I pass secrets or sensitive information securely to containers in an Amazon ECS task?

From wikieduonline
Jump to navigation Jump to search


 {
 "Version": "2012-10-17",
 "Statement": [
   {
     "Sid": "",
     "Effect": "Allow",
     "Principal": {
       "Service": "ecs-tasks.amazonaws.com"
     },
     "Action": "sts:AssumeRole"
   }
 ]
}


    secrets = [
     {
       name      = "YOUR_SECRET"
       valueFrom = "arn:aws:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/YOUR_PARAMETER"
     }
   ],


Related[edit]


secrets = [ { name = "YOUR_NAME" valueFrom = "${var.yourvar}" == "" ? "arn:aws:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/YOUR_PARAMETER${upper(var.env)}_YOUR_PASSWORD" : "arn:aws:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/YOUR_SECOND_PASSWORD" } ],

See also[edit]

Advertising: