Description (mid-length e.g. "Create a Lambda function that sends events to EventBridge.")
Use AWS Secrets Manager to securely inject secrets into AWS Fargate Containers
Language: (optional e.g. "Python", if you have a Lambda function in your example)
Python
YouTube videoId (optional e.g. "VI79XQW4dIM")
Framework (currently we support SAM or CDK)
CDK
Services from/to (e.g. "Lambda to EventBridge")
Fargate to SecretsManager
Description (this must include a thorough explanation of the pattern together with details of IAM permissioning)
This pattern creates an Amazon ECS Cluster, ECS Task Definition, AWS Fargate Container, and AWS Secrets Manager instance, along with associated roles. Secrets Manager generates a random secret and injects it into the container upon start-up as an environment variable. The container is spun up when a Fargate task is run in an existing VPC in the user's AWS account via a CLI command in the testing section. For the roles: a task execution role is created for logging to CloudWatch and for accessing the secrets (the policy for the secrets is added by default). An 'empty' (policy-less) default task role is also created along with Task Definition creation. The Task Definition does not display any hard-coded values for secrets in the console; rather, it displays the ARN of the Secret from which it retrieves the password via its IAM role.
Deployment commands
Deployment: cdk deploy
Cleanup: cdk destroy
GitHub PR for template:
299
Payload example (e.g. Lambda event payload from source service).
Additional resources (optional: link and anchor text, up to 5 resources)
To submit a template to the Serverless Patterns Collection, submit an issue with the following information.
To learn more about submitting a pattern, read the publishing guidelines page.
Use the model template located at https://github.com/aws-samples/serverless-patterns/tree/main/_pattern-model to set up a README, template and any associated code.
Author bio
Name: Abdul Ahad Khan
Photo URL: https://avatars.githubusercontent.com/u/9752760?v=4
LinkedIn: https://www.linkedin.com/in/abdulahadk
Description (up to 255 chars): Abdul Ahad is a DevOps Engineer at AWS ProServe based out of the Mid-Atlantic.
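The pattern description says the task definition shows the secret's ARN rather than a hard-coded value, and that the task execution role is what reads the secret. The check below tests those properties on a task definition given as a dict; it is an added example, not code from the submitted pattern, and the sample task definitions, account ID, role name and the sensitive-name heuristic are constructed assumptions.

```python
import re

# Assumption: variable names that suggest a credential; tune to your naming scheme.
SENSITIVE_NAME = re.compile(r"pass(word)?|secret|token|api[_-]?key|credential", re.I)
# Secrets Manager ARN, optionally followed by :json-key:version-stage:version-id.
SECRET_ARN = re.compile(
    r"^arn:aws[\w-]*:secretsmanager:[a-z0-9-]+:\d{12}:secret:[\w/+=.@-]+(:[^:]*){0,3}$")

def audit_task_definition(task_def):
    """Return findings for an ECS task definition (the registered JSON, as a dict)."""
    findings, uses_secrets = [], False
    for c in task_def.get("containerDefinitions", []):
        cname = c.get("name", "<unnamed>")
        # 'environment' entries are stored and displayed in plaintext.
        for env in c.get("environment", []):
            if SENSITIVE_NAME.search(env.get("name", "")):
                findings.append(f"{cname}: plaintext value in environment variable {env['name']}")
        # 'secrets' entries should carry only a reference (valueFrom), never the value.
        # ECS also accepts SSM parameters here; this pattern uses Secrets Manager only.
        for s in c.get("secrets", []):
            uses_secrets = True
            if not SECRET_ARN.match(s.get("valueFrom", "")):
                findings.append(f"{cname}: secret {s.get('name')} is not a Secrets Manager ARN")
    # The execution role, not the task role, fetches the secret at start-up.
    if uses_secrets and not task_def.get("executionRoleArn"):
        findings.append("task definition uses secrets but has no executionRoleArn")
    return findings

# Constructed sample: secret referenced by ARN, as the pattern describes.
GOOD_TASK_DEF = {
    "executionRoleArn": "arn:aws:iam::111122223333:role/ExampleTaskExecutionRole",
    "containerDefinitions": [{
        "name": "app",
        "environment": [{"name": "LOG_LEVEL", "value": "info"}],
        "secrets": [{"name": "DB_PASSWORD", "valueFrom":
                     "arn:aws:secretsmanager:us-east-1:111122223333:secret:demo-AbCdEf"}],
    }],
}
# Constructed sample: value hard-coded, bad reference, no execution role.
BAD_TASK_DEF = {
    "containerDefinitions": [{
        "name": "app",
        "environment": [{"name": "DB_PASSWORD", "value": "example-value"}],
        "secrets": [{"name": "API_TOKEN", "valueFrom": "not-an-arn"}],
    }],
}

if __name__ == "__main__":
    for label, td in (("good", GOOD_TASK_DEF), ("bad", BAD_TASK_DEF)):
        print(label, audit_task_definition(td))
```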