Skip to content

/AWS1/CL_ECSSECRET

An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:

  • To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.

  • To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.

For more information, see Specifying sensitive data in the Amazon Elastic Container Service Developer Guide.

CONSTRUCTOR

IMPORTING

Required arguments:

iv_name TYPE /AWS1/ECSSTRING /AWS1/ECSSTRING

The name of the secret.

iv_valuefrom TYPE /AWS1/ECSSTRING /AWS1/ECSSTRING

The secret to expose to the container. The supported values are either the full ARN of the Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.

For information about the require Identity and Access Management permissions, see Required IAM permissions for Amazon ECS secrets (for Secrets Manager) or Required IAM permissions for Amazon ECS secrets (for Systems Manager Parameter store) in the Amazon Elastic Container Service Developer Guide.

If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.

Queryable Attributes

name

The name of the secret.

Accessible with the following methods

Method Description
GET_NAME() Getter for NAME, with configurable default
ASK_NAME() Getter for NAME w/ exceptions if field has no value
HAS_NAME() Determine if NAME has a value

valueFrom

The secret to expose to the container. The supported values are either the full ARN of the Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.

For information about the require Identity and Access Management permissions, see Required IAM permissions for Amazon ECS secrets (for Secrets Manager) or Required IAM permissions for Amazon ECS secrets (for Systems Manager Parameter store) in the Amazon Elastic Container Service Developer Guide.

If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.

Accessible with the following methods

Method Description
GET_VALUEFROM() Getter for VALUEFROM, with configurable default
ASK_VALUEFROM() Getter for VALUEFROM w/ exceptions if field has no value
HAS_VALUEFROM() Determine if VALUEFROM has a value

Public Local Types In This Class

Internal table types, representing arrays and maps of this class, are defined as local types:

TT_SECRETLIST

TYPES TT_SECRETLIST TYPE STANDARD TABLE OF REF TO /AWS1/CL_ECSSECRET WITH DEFAULT KEY
.