aws-batch-alpha: Parameter Store secrets not supported in new version

jacob-swanson commented 1 year ago

Describe the bug

The older version of aws-batch-alpha allowed for secrets to be defined using either Secrets Manager or Parameter Store.

In the old JobDefinition construct, secrets was defined as:

readonly secrets?: {
    [key: string]: ecs.Secret;
};

Which works with either Secrets Manager or Parameter Store.

But the new EcsContainerDefinitionProps defines secrets as

readonly secrets?: {
    [envVarName: string]: secretsmanager.ISecret;
};

Which is just Secrets Manager.

Expected Behavior

I should be able to create a job definition using secrets from either Secrets Manager or Parameter Store.

Current Behavior

Job definitions cannot use secrets from parameter store.

Reproduction Steps

Snippet of old, working code:

new batch.JobDefinition(this, "JobDefinition", {
    container: {
        secrets: {
            ENVAR_NAME: ecs.Secret.fromSsmParameter(ssm.StringParameter.fromStringParameterName(this, "StringParameter", "stringParameterName"))
        }
    }
})

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.87.0 (build 9fca790)

Framework Version

No response

Node.js Version

v18.16.1

OS

Pop!_OS 22.04 LTS

Language

Typescript

Language Version

No response

Other information

No response

peterwoodworth commented 1 year ago

Yep, looks like this is the case. @comcalvi something to take a look at, not sure how you would like to go about this.

comcalvi commented 1 year ago

ah, I missed that it could also be parameter store

github-actions[bot] commented 1 year ago

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.

aws / aws-cdk