Open PekonenIlmari opened 1 month ago
Please note when your consumer stack has imported the value from an exported stack, you won't be allowed to update that exported resource as it has been consumed. This is a limitation of cloudformation.
secret_value = aws_cdk.Fn.import_value("newsecret")
glue_alpha.Connection(
self,
id,
connection_name=connection_name,
type=glue_alpha.ConnectionType.JDBC,
subnet=subnet,
security_groups=security_groups,
properties={
"JDBC_CONNECTION_URL": connection_url,
"SECRET_ID": secret_value.secret_name,
},
)
Given above, were you trying to update the secret from another stack? What is the error messages?
I was trying to update the value of SECRET_ID
for connection properties and not the secret value itself. The problem is that when trying to extract the secret_name
from this imported value the secret_name
isn't updated on AWS side (value under AWS Secret). There is no error message at any point.
Describe the bug
When importing secret using
aws_secretsmanager.Secret.from_secret_complete_arn()
and populating thesecret_complete_arn
with the arn value that has been exported usingCfnOutput
from other stack, it is not possible to use this secret withaws_glue_alpha.Connection
.This problem only occurs when you are trying to import secret using the arn from
import_value
, if the arn is harcoded everything works as supposed.Expected Behavior
This is the expected behaviour when trying to change
SECRET_ID
withsecret.secret_name
from secret imported with harcoded arn. This also populates the secret name in the console.CDK change set:
Current Behavior
This is the behaviour when trying to change
SECRET_ID
withsecret.secret_name
from secret imported with aws_cdk.Fn.import_value() arn. This doesn't populate the secret name in console.CDK change set:
Reproduction Steps
Create secret in a Stack and export it using
CfnOutput
import value in other Stack using `aws_cdk.Fn.import_value()' and create a connection
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
2.138.0
Framework Version
No response
Node.js Version
20.11.0
OS
MacOS
Language
Python
Language Version
No response
Other information
No response