0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

CloudFormationのスタックで, SecretsManagerからインポートする値をImportValueなどで解決する

Posted at

はじめに

SecretsManagerのシークレット名はstackでリソース作成時に自動生成していたのですが, いざその値を使いたいときにどうかけば良いか少しかかったので

解決

ImportValueの場合, JoinしながらImportValueを組み込めば終わります.

Parameters:
  TestParameter:
    Default: test-secret
    Type: String

HogehogeSecretKey:
  Fn::Join:
    - ""
    - - "{{resolve:secretsmanager:"
      - !ImportValue ExampleSecret
      - ":SecretString:SecretKey}}"

SubSample: !Sub "{{resolve:secretsmanager:${TestParameter}:SecretString:hoge}}"

注意点

逆のこと (resolveした値からRefなど)はできません

Parameters:
  MyParameter:
    Default: my-parameter-value
    Type: String

Resources:
  SampleLambda:
    Type: AWS::Lambda::Function
    Properties:
      # ...
      Environment:
        Variables:
          # MyParameterの値をRefしたいがエラー
          RefSample: !Ref "{{resolve:secretsmanager:test-secret:SecretString:paramname}}"

必ず, 組み込み関数の処理後にresolveが行われます.

まとめ

パラメータストアなどでもですが, 利用の幅が広がりますね

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?