Passing the password securely
Opened this issue · 2 comments
Hi there,
Thanks for the great work.
I have a question: is there any possible method to pass the password securely e.g. using a Secret?
Currently, as the password is passed as a string, it is exposed in the resulting CloudFormation template and in the lambda logs.
My attempts to use
someSecret.secretValue.toString()
end up in unresolved references passed to the lambda like this:
{{resolve:secretsmanager:arn:aws:secretsmanager:us-east-1:bla-bla-bla:SecretString:::}}
Any ideas?
hey @serge-loboda did you ever come up with a solution for this? I ran into the same issue and am reluctant to hardcode the password in my CDK code but there doesn't seem to be another option.
Hello @johnboy-leeds ,
Unfortunately, I could not resolve this using AWS CDK only. I ended up creating users in a different place of my pipeline, not in the CDK application.