I am trying to get secret from secret manager. The current documentation for env vars for the serverless container config shows to do the following which doesn’t make sense.
DATABASE_ARN: ${env:DATABASE_ARN} # Example, using Serverless Framework Variables to resolve a value from AWS Secrets Manager.
DATABASE_URL: ${aws:ssm:/path/to/param} # Example, using Serverless Framework Variables to resolve a value from AWS Systems Manager Parameter Store.
Now I have a secret stored where it is a key value store the key is just “key” and I want the env var to be the stored string.
If I don’t try to reference with “.key” I get an object which throws an error
- containers.service.environment.API_KEY : Expected string, received object
Input:
API_KEY : ${aws:ssm:/aws/reference/secretsmanager/api-key}
If I try to use “.key” there is no value found
variable at 'containers.service.environment.API_KEY'. No value is available for this variable, and no default value was provided.
Input
API_KEY : ${aws:ssm:/aws/reference/secretsmanager/api-key.key}
With lambdas I have done the following to get this to work. I relied on the custom resolver which doesn’t exist for containers.
Below is what works for me in lambda
environment:
API_KEY: ${self:custom.api_key.key}
custom:
api_key: ${ssm:/aws/reference/secretsmanager/api-key}
Is there a way to do this for container yamls?