How to use @aws-cdk/aws-secretsmanager - 4 common examples

To help you get started, we’ve selected a few @aws-cdk/aws-secretsmanager examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github customink / activerecord-aurora-serverless-adapter / test / aurora-serverless / lib / aurora-serverless-stack.ts View on Github external
aurora2.addDependsOn(dbParamGroup);
    new CfnOutput(this, "AASAResourceArn", {
      value: `arn:aws:rds:${this.region}:${this.account}:cluster:${DB_CLUSTER_ID}`
    });
    new CfnOutput(this, "AASAResourceArn2", {
      value: `arn:aws:rds:${this.region}:${this.account}:cluster:${DB_CLUSTER_ID}2`
    });

    // SECRETS

    const secret = new CfnSecret(
      this,
      "Secret",
      secretProps(aurora, DB_CLUSTER_ID)
    );
    const secret2 = new CfnSecret(
      this,
      "Secret2",
      secretProps(aurora2, `${DB_CLUSTER_ID}2`)
    );
    secret.addDependsOn(aurora);
    secret2.addDependsOn(aurora2);
    new CfnOutput(this, "AASASecretArn", {
      value: secret.ref
    });
    new CfnOutput(this, "AASASecretArn2", {
      value: secret2.ref
    });

    // TEST USER

    const user = new User(this, "TestUser");
github customink / activerecord-aurora-serverless-adapter / test / aurora-serverless / lib / aurora-serverless-stack.ts View on Github external
dbSubnetGroup.dbSubnetGroupName,
        dbParamGroup
      )
    );
    aurora.addDependsOn(dbParamGroup);
    aurora2.addDependsOn(dbParamGroup);
    new CfnOutput(this, "AASAResourceArn", {
      value: `arn:aws:rds:${this.region}:${this.account}:cluster:${DB_CLUSTER_ID}`
    });
    new CfnOutput(this, "AASAResourceArn2", {
      value: `arn:aws:rds:${this.region}:${this.account}:cluster:${DB_CLUSTER_ID}2`
    });

    // SECRETS

    const secret = new CfnSecret(
      this,
      "Secret",
      secretProps(aurora, DB_CLUSTER_ID)
    );
    const secret2 = new CfnSecret(
      this,
      "Secret2",
      secretProps(aurora2, `${DB_CLUSTER_ID}2`)
    );
    secret.addDependsOn(aurora);
    secret2.addDependsOn(aurora2);
    new CfnOutput(this, "AASASecretArn", {
      value: secret.ref
    });
    new CfnOutput(this, "AASASecretArn2", {
      value: secret2.ref
github fogfish / aws-cdk-pure / hoc / src / config.ts View on Github external
//
// Copyright (C) 2019 Dmitry Kolesnikov
//
// This file may be modified and distributed under the terms
// of the MIT license.  See the LICENSE file for details.
// https://github.com/fogfish/aws-cdk-pure
//
// Config/Secret Management HoC
//
import * as secret from '@aws-cdk/aws-secretsmanager'
import { IaaC, include, IPure } from 'aws-cdk-pure'

const defaultBucket = process.env.AWS_IAAC_CONFIG || 'undefined'
const vault = include(secret.Secret.fromSecretAttributes)

/**
 * returns a configuration as string value for given key as it is stored by AWS Secret Manager 
 *   
 * @param key name of the key
 * @param bucket AWS Secret Manager bucket, the value of AWS_IAAC_CONFIG env var is used as default bucket,
 */
export function String(key: string, bucket: string = defaultBucket): IPure<string> {
  return vault(Config(bucket)).map(x => x.secretValueFromJson(key).toString())
}

function Config(secretArn: string): IaaC<secret.SecretAttributes> {
  const Secret = () => ({ secretArn })
  return Secret
}
github aws / aws-cdk / packages / @aws-cdk / aws-rds / lib / database-secret.ts View on Github external
readonly username: string;

  /**
   * The KMS key to use to encrypt the secret.
   *
   * @default default master key
   */
  readonly encryptionKey?: kms.IKey;
}

/**
 * A database secret.
 *
 * @resource AWS::SecretsManager::Secret
 */
export class DatabaseSecret extends secretsmanager.Secret {
  constructor(scope: Construct, id: string, props: DatabaseSecretProps) {
    super(scope, id, {
      encryptionKey: props.encryptionKey,
      generateSecretString: {
        passwordLength: 30, // Oracle password cannot have more than 30 characters
        secretStringTemplate: JSON.stringify({ username: props.username }),
        generateStringKey: 'password',
        excludeCharacters: '"@/\\'
      }
    });
  }
}

@aws-cdk/aws-secretsmanager

The CDK Construct Library for AWS::SecretsManager

Apache-2.0
Latest version published 4 days ago

Package Health Score

92 / 100
Full package analysis