I recently launched a Slack app to help with channel bloat! Simply installing it would help me out a bunch. I have 2/10 installations required to submit my app to the Slack Marketplace. Thanks for helping me reach that goal.
While I was trying to figure out how to add secrets from AWS Secrets Manager to CodeBuild, I could not seem to find a concrete example of a CloudFormation template that implemented this.
While it is not too complicated, I wanted to throw some actual yaml up on the internet in case anyone else was looking for the same thing.
Parameters:
MySecretAsParameter:
Type: String
Description: My secret used in CodeBuild
Resources:
MySecretResource:
Type: 'AWS::SecretsManager::Secret'
Properties:
Name: MySecret
Description: My secret used in CodeBuild
SecretString: !Sub '${MySecretAsParameter}’
CodeBuildProject:
.
.
.
Environment:
EnvironmentVariables:
- Name: “MY_SECRET”
Type: "SECRETS_MANAGER"
Value: "MySecret"
In your buildspec file you can use this as you would normally use an environment variable in a bash command: curl -H “Authorization: $MY_SECRET” ….
This will keep your secrets in a secure place but still enable you to use them in your pipeline all natively in AWS.