1回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
Did you try to add GetSecretValue permission to execution role in one of the following ways:
{
"Action": "secretsmanager:GetSecretValue",
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:Region:AccountId:secret:APIKEY-??????",
}
Or
{
"Action": "secretsmanager:GetSecretValue",
"Effect": "Allow",
"Resource": "arn:aws:secretsmanager:Region:AccountId:secret:APIKEY/*",
}
Or
{
"Action": "secretsmanager:GetSecretValue",
"Effect": "Allow",
"Resource": "*",
}
Please do not put '*' for region and account id in resource value.
Comment here how it goes.
Happy to assist further.
Abhishek
関連するコンテンツ
- AWS公式更新しました 3年前
- AWS公式更新しました 1年前
Did you get a chance to try this out, comment here if you have any questions further. Would be glad to help.
I tried:
And the secret is still logging as
undefined
when logging the secret from the container.I just setup ECS Exec and got into a running container. When I
printenv
I see the variable as it should be. It appears that something changed in my application code to cause this issue. Thank you for the help and I'll accept the answer which is useful and provides best practices.