I'm using ECS with Fargate and trying to access my Secrets Manager secrets, but when I spin up my task, they just aren't there.
Since the secret is a list of secret variables, will it be evaluated as if it was a .env file? What am I missing?
I'm trying it this way:
In my task definition container (my secret name has a slash "/"):
    "secrets": [{
        "name": "ecs-fretegestao/main-api",
        "valueFrom": "arn:aws:secretsmanager:<my-region>:<my-acc>:secret:ecs-fretegestao/main-api-4qTFqP"
    }]
My VPC and subnets have the Secrets Manager endpoint:
com.amazonaws.us-east-1.secretsmanager
And my task execution role has access to everything.
Since the secret is a list of secret variables, will it be evaluated as if it was a .env file? What am I missing?
No, it won't be evaluated at all. It's unclear what you are expecting it to do here.
This: "name": "ecs-fretegestao/main-api", tells ECS to create an environment variable inside the container named ecs-fretegestao/main-api (it's really weird to have a / in an environment variable name by the way). That environment variable will have the value of the secret in it. The secret value will be whatever this ARN identifies: arn:aws:secretsmanager:<my-region>:<my-acc>:secret:ecs-fretegestao/main-api-4qTFqP. If that ARN identifies a list, then the environment variable will contain a list.
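An added example, not part of the original question or answer: two ways to get one variable per key when the secret is a JSON object, either by expanding the single injected variable inside the container or by generating one "secrets" entry per key with the `<arn>:<json-key>:<version-stage>:<version-id>` form that ECS accepts in valueFrom. The function names, the key names and the sample values are assumptions constructed for illustration; the ARN is the one from the question with its placeholders left in.

```python
import json
import re

# Portable environment variable name: letters, digits, underscore; no leading digit.
ENV_NAME = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def expand_secret_blob(blob):
    """Turn the JSON text ECS injected as ONE variable into per-key settings."""
    try:
        data = json.loads(blob)
    except json.JSONDecodeError as exc:
        # Never echo the blob itself into an error message or log.
        raise ValueError("secret value is not JSON") from exc
    if not isinstance(data, dict):
        raise ValueError("secret value is not a JSON object of key/value pairs")
    bad = [k for k in data if not ENV_NAME.match(k)]
    if bad:
        raise ValueError(f"keys unusable as variable names: {bad}")
    # Environment values are strings; re-serialise anything that is not one.
    return {k: v if isinstance(v, str) else json.dumps(v) for k, v in data.items()}


def per_key_secret_entries(secret_arn, keys):
    """Build task-definition "secrets" entries, one variable per JSON key.

    Leaving version-stage and version-id empty (the trailing "::")
    selects the current version of the secret.
    """
    entries = []
    for key in keys:
        if not ENV_NAME.match(key):
            raise ValueError(f"{key!r} is not a valid variable name")
        entries.append({"name": key, "valueFrom": f"{secret_arn}:{key}::"})
    return entries


# Constructed sample input: keys and values are made up for this example.
SAMPLE_ARN = ("arn:aws:secretsmanager:<my-region>:<my-acc>:"
              "secret:ecs-fretegestao/main-api-4qTFqP")
SAMPLE_BLOB = '{"DB_USER": "api", "DB_PASSWORD": "constructed-value", "DB_PORT": 5432}'

if __name__ == "__main__":
    settings = expand_secret_blob(SAMPLE_BLOB)
    print(sorted(settings))  # names only, never the values
    print(json.dumps(per_key_secret_entries(SAMPLE_ARN, list(settings)), indent=2))
```
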