Hi, this blog post gives you all the detailed information about what you want to achieve and how to implement it: https://aws.amazon.com/blogs/networking-and-content-delivery/securing-and-accessing-secrets-from-lambdaedge-using-aws-secrets-manager/
I think my issue may revolve around how to properly store the key in Secrets Manager... Initially, I had the public key hardcoded in a Python string and it was of the form:
public_key="-----BEGIN PUBLIC KEY----- \n...\n...\n...\n...\n...\n ...\n...\n-----END PUBLIC KEY-----"
where I had to insert \n newlines at the end of every line as I copied it from the .pem file. The hardcoded string works with the CDK. I tried placing this exact format in Secrets Manager and it didn't work (with the above error)... I also tried this format with SSM Parameter Store, and it did not work... With SSM Parameter Store, I was able to go back and paste the key in as a multiline string (where the breaks are seen at the end of each line)... If I try to do this in Secrets Manager, the line breaks are converted to spaces, and the key is no longer valid. I believe when I removed the spaces, the key also does not work.
What’s the error you are receiving?
Here was the error:
11:17:16 PM | UPDATE_FAILED | AWS::CloudFront::PublicKey | PubKeyB78B0EBC Resource handler returned message: "Invalid request provided: AWS::CloudFront::PublicKey" (RequestToken: 1f556dd6-614f-f8c3-43c2 -5c86ae9db53a, HandlerErrorCode: InvalidRequest)
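
The thread describes a PEM public key whose line breaks turn into spaces, or are stored as literal `\n` characters, once it is saved as a secret or parameter. As an added example (not code from the posts or from AWS), the Python function below rebuilds a canonical PEM from such a value using only the standard library; the function name and the sample key bytes are constructed for illustration, and it assumes the stored value is available as a plain string.

```python
import base64
import re

PEM_RE = re.compile(
    r"-----BEGIN PUBLIC KEY-----(.*?)-----END PUBLIC KEY-----", re.DOTALL
)


def normalize_public_key_pem(raw: str) -> str:
    """Rebuild a canonical PEM from a value whose line breaks were mangled."""
    # Literal two-character "\n" / "\r" sequences become real whitespace.
    text = raw.replace("\\r", " ").replace("\\n", "\n")
    match = PEM_RE.search(text)
    if match is None:
        raise ValueError("BEGIN/END PUBLIC KEY markers not found")
    # Remove every space, tab and newline inside the base64 body.
    body = re.sub(r"\s+", "", match.group(1))
    try:
        der = base64.b64decode(body, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("key body is not valid base64") from exc
    # A SubjectPublicKeyInfo structure starts with a DER SEQUENCE tag.
    if not der or der[0] != 0x30:
        raise ValueError("decoded body is not a DER SEQUENCE")
    # Re-wrap at 64 characters per line and end with a newline.
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join(
        ["-----BEGIN PUBLIC KEY-----", *lines, "-----END PUBLIC KEY-----"]
    ) + "\n"


# Constructed sample: DER-shaped placeholder bytes, not a real key.
SAMPLE_DER = bytes([0x30, 0x82, 0x01, 0x22]) + bytes(range(256)) + bytes(34)
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode()
GOOD = normalize_public_key_pem(
    f"-----BEGIN PUBLIC KEY-----{SAMPLE_B64}-----END PUBLIC KEY-----"
)

if __name__ == "__main__":
    mangled = {
        "newlines became spaces": GOOD.replace("\n", " "),
        "literal backslash-n": GOOD.replace("\n", "\\n"),
        "space before each newline": GOOD.replace("\n", " \n"),
    }
    for label, value in mangled.items():
        print(label, "->", normalize_public_key_pem(value) == GOOD)
```

Printing `repr()` of the value read back from the store shows which of the three forms it is in before it is normalized.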